US6950936B2 - Secure intranet access - Google Patents

Secure intranet access Download PDF

Info

Publication number
US6950936B2
US6950936B2 US10650211 US65021103A US6950936B2 US 6950936 B2 US6950936 B2 US 6950936B2 US 10650211 US10650211 US 10650211 US 65021103 A US65021103 A US 65021103A US 6950936 B2 US6950936 B2 US 6950936B2
Authority
US
Grant status
Grant
Patent type
Prior art keywords
secure
server
data
network
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US10650211
Other versions
US20040049702A1 (en )
Inventor
Anand Subramaniam
Hashem M Ebrahimi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
RPX Corp
Original Assignee
Micro Focus Software Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Grant date

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/0807Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/162Implementing security features at a particular protocol layer at the data link layer

Abstract

Methods, signals, devices, and systems are provided for secure access to a network from an external client. Requests for access to confidential data may be redirected from a target server to a border server, after which a secure sockets layer connection between the border server and the external client carries user authentication information. After the user is authenticated to the network, requests may be redirected back to the original target server. Web pages sent from the target server to the external client are scanned for non-secure URLs such as those containing “http://” and modified to make them secure. The target server and the border server utilize various combinations of secure and non-secure caches. Although tunneling, may be used, the extensive configuration management burdens imposed by virtual private networks are not required.

Description

PRIORITY

The present application is a continuation of U.S. application Ser. No. 09/493,506, filed on Jan. 28, 2000, which is now U.S. Pat. No. 6,640,302 issued Oct. 28, 2003, which is a divisional of U.S. application Ser. No. 09/268,795, filed on Mar. 16, 1999, which is now U.S. Pat. No. 6,081,900 issued Jun. 27, 2000. These applications are incorporated by reference herein.

FIELD OF THE INVENTION

The present invention relates to computer network security, and more particularly to the task of providing a user who is presently at a client machine outside the perimeter of a secure network with convenient, efficient, and secure access to data stored on a target server which is located within the secure network.

TECHNICAL BACKGROUND OF THE INVENTION

Distributed computing systems are becoming increasingly useful and prevalent. Distributed computers are now connected by local area networks, wide area networks, and networks of networks, such as the Internet. Many such networks are secured with a security perimeter which is defined by firewall software, routing limitations, encryption, virtual private networks, and/or other means. Machines within the security perimeter are given ready access to data stored in the secure network (possibly subject to user and group permissions, access control lists, and the like), while machines outside the perimeter are substantially or entirely denied access.

With the growth of such secure networks and their information content, there is an urgent need to support secure access by authorized users even when those users log in from a client machine outside the network security perimeter. A wide variety of tools and techniques relating to networks and/or security are known, at least individually and to at least some extent, including: computer network architectures including at least transport and session layers, sockets, clients, and servers; hyperlinks and uniform/universal resource locators (URLs); communications links such as Internet connections and LAN connections; proxy servers for HTTP and some other protocols; internetworking; Kerberos authentication; authentication through certificates exchanged during an SSL handshake; tying certificates to access control lists so that users are identified in certificates presented during the SSL handshake instead of being identified by an IP address, DNS name, or username and password; multiple instances of a server on the same machine in order to serve both insecure and secure documents; using a single password to log into an entire network rather than logging into individual servers; proxy servers as an example of servers which require user authentication; a secure sockets layer protocol manifestation in URLs, including protocol identifiers “http://” and “https://”; the use of a specific server port for network communication; various definitions of VPNs (virtual private networks); “route filtering” which controls route propagation; Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP); use of encryption technologies to provide the segmentation and virtualization required for VPN connectivity deployed in almost any layer of the protocol stack; transport or application layer VPNs; basic VPN requirements such as user authentication, address management, data encryption, key management, and multiprotocol support; tunneling by packet encapsulation, packet transmission, and packet unencapsulation; Lightweight Directory Access Protocol; a split proxy system for a protected computer network; translation between transport layer protocols; translation between IP and non-IP protocols; a proxy server within a network which receives a request for a protected Web resource from a browser outside the network and requires authentication of the browser to the proxy using some combination of a user ID and/or password; Novell/NetWare Directory Service (NDS) and user access controls; Windows NT Domain directory; Reverse Proxy/Virtual Hosting; a proxy server with HTTP caching, use of a proxy server by configuring client software to connect through the proxy server to prevent the client from being connected directly to the Internet; SSL encryption; an entry manager which serves as a single point of network entry for all users; a Trusted Sendmail Proxy, in the context of sensitivity labels and privileges, including a small, trusted program which acts as a communication path between an inside compartment that performs privileged internal operations and delivers local messages and an outside compartment that collects and send messages without privilege; a secured https proxy which apparently does SSL tunneling, logging, and reacting to events; software which apparently allows use of https URLs by way of an SSL connection with a program that wraps https calls to http; a protocol stream or content processor which knows how to convert something involving an URL into a proprietary content container which knows its content and that content's type, for HTTP, HTTPS, FTP, gopher, and other protocols; redirection of HTTP requests in connection with an HTTP proxy; superuser privileges; and object rights and property rights which apply to properties of an NDS object, as well as distribution of directory information across the network through replication.

References which mention or discuss these and possibly other tools and techniques are identified and discussed relative to the present invention in a Petition for Special Examining Procedure filed concurrently with the present application. To the extent that the Petition describes the technical background of the invention as opposed to the invention itself, the text of the Petition is incorporated herein by this reference This incorporation by reference does not imply that the claimed invention was previously known.

Although a wide variety of tools and techniques relating to networks and/or security are known, it has not previously been known how to combine them to provide clients outside a secure network perimeter with sufficiently convenient, efficient, and secure access to Web pages stored on servers within the secure network.

For example, some previous approaches require that the user's name and/or password be sent across a network communications link in plain text. Other approaches use only a weak form of encryption, such as uuencoding, to protect the authentication information. In both cases, the authentication information is quite vulnerable to theft and misuse.

As another example, some previous approaches utilized strong encryption but required that special software be previously installed on both the client machine which is seeking access and on the server machine which holds the data sought by the client. Such approaches are taken by many virtual private networks, as well as by individual machines configured with public key/private key encryption software such as PGP software. These approaches protect user authentication information and/or the data which is transmitted after a user is authenticated, but they are not sufficiently convenient and efficient.

In particular, virtual private networks require significant administrative effort and vigilant attention to details in order to avoid problems arising from incorrect or inconsistent configurations. Moreover, widely used Web browsers such as those available from Netscape and Microsoft do not normally include full support for either virtual private networking or application-level encryption software such as PGP software.

Accordingly, it would be an advancement in the art to improve the tools and techniques that are available to provide a user who is presently at a client outside the perimeter of a secure network with convenient, efficient, and secure access to data stored on a server located within the secure network.

Such improvements to secure network access are disclosed and claimed herein.

BRIEF SUMMARY OF THE INVENTION

In one embodiment, the present invention provides a distributed computing system which allows secure external access to a secure network such as a secure intranet. The system includes a target server within the secure network; a border server within the secure network; a client outside the secure network; a user authentication system located at least partially within the secure network; and a uniform resource locator transformer.

The border server is connectable to the target server by a first communications link, such as an intranet or Ethernet link. The client is connectable to the border server by a second communications link, such as a TCP/IP link. The client and the border server are configured to support secure sockets layer communication over the second communications link using SSL or similar software.

The secure network is configured with authentication software and supporting data to allow direct access to the target server by a user only after the user is authenticated by the user authentication system. Typically, the user could readily log onto the network from an internal client at work, and the security questions addressed by the invention arise because the user wishes to log on through an external client at home or in the field rather than an internal one at work.

The uniform resource locator (URL) transformer modifies non-secure uniform resource locators in data being sent from the target server to the client by replacing them with corresponding secure URLs to promote continued use of secure sockets layer communication. The URL transformer is an “SSL-izer”. For instance, the URL transformer may replace instances of “http” which refer to locations inside the secure network 100 by corresponding instances of “https” which refer to the same locations. The modifications to the data promote continued use of a secure connection such as an SSL connection. An URL transformer may be located on the border server, on the target server, or both. If the URL transformer is located on the target server, the system may include tunneling software for tunneling secure data (which was transformed into secure form at the target server) between the client and the target server through the border server.

The border server and/or target server may include one or more data caches. For instance, in one configuration the border server has a cache that holds data from the target server which contains non-secure URLs, and the URL transformer introduces secure URLs on the fly without requiring that the transformed data also be cached on the border server. In another configuration, a border server cache includes a non-secure data cache for internal clients and a secure data cache for external clients. The non-secure data cache holds data that contains non-secure URLs, and the secure data cache holds data that does not contain any non-secure URLs. In yet another configuration, the border server cache is simply free of data that contains non-secure URLs.

In short, systems according to the invention use novel URL transformation and more familiar mechanisms such as HTTP redirection and SSL software (in novel ways) to provide secure authentication of a user from an external client and to provide secure transmission of confidential data between the target server and the external client.

By transforming non-secure UPLs into secure URLs, the invention forces continued use of secure communications despite the inherent security problems caused by the lack of state information in HTTP. HTTP servers and browsers do not ordinarily “remember” security requirements from one Web page transmission to the next without some assistance. Accordingly, the present invention forces use of HTTPS or a similar secure connection each time the user follows an URL to confidential data. In addition, the invention provides security without requiring the installation of new client or target server software. Other features and advantages of the invention, and embodiments of the invention in methods, storage media, and signals, will all become more fully apparent through the following description.

BRIEF DESCRIPTION OF THE DRAWINGS

To illustrate the manner in which the advantages and features of the invention are obtained, a more particular description of the invention will be given with reference to the attached drawings. These drawings only illustrate selected aspects of the invention and thus do not limit the invention's scope. In the drawings:

FIG. 1 is a diagram illustrating a secure network, a client outside the network, and several aspects of the present invention which allow secure communication between the client and the network.

FIG. 2 is a flowchart illustrating several methods of the present invention.

FIG. 3 is a diagram further illustrating one embodiment of the client and secure network shown in FIG. 1.

FIG. 4 is a diagram further illustrating another embodiment of the client and secure network shown in FIG. 1.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

The present invention relates to methods, systems, signals, and devices for providing a user located outside a secure network with convenient, efficient, and secure access to data stored within the network. In particular, the invention provides and uses novel modifications to uniform resource locators (sometimes called “universal resource locators” or “URLs”) to protect user authentication information and to protect data such as intranet Web pages which are sent to the user from within the secure network. Various components of the invention and its environment are discussed below.

Network and Computer Architecture

One of the many secure computer networks suited for use with the present invention is indicated at 100 in FIG. 1. The secure network 100 has a security perimeter 102 which is defined by firewall software, routing limitations, encryption and/or other means familiar to those of skill in the art. Authorized users can log into particular servers and/or to the network as a whole from clients within the security perimeter and access data of the network 100 subject only to permissions, database locks, and the like, whereas attempts by the same authorized users to access the same data from outside the perimeter 102 are generally not allowed (at least, not without the invention or similar functionality).

A wide variety of secure networks 100 may be configured according to the invention, including both individual computer networks and larger networks which are aggregations of smaller networks. For example, suitable computer networks 100 include local area networks, wide area networks, and/or portions of the Internet such as a private Internet, a secure Internet, a value-added network, or a virtual private network. The secure network 100 may also include or consist of a secure intranet, which is a secure network that employs TCP/IP and/or HTTP protocols internally.

In one embodiment, the secure network 100 includes Novell NetWare® network operating system software (NETWARE is a registered trademark of Novell, Inc.). In alternative embodiments, the secure network 100 includes NetWare Connect Services, VINES, Windows NT, Windows 95, Windows 98, Windows 2000, LAN Manager, or LANtastic network operating system software and/or an implementation of a distributed hierarchical partitioned object database according to the X.500 protocol such as Novell Directory Services or Lightweight Directory Access Protocol (LDAP) directory services (VINES is a trademark of Banyan Systems; NT, WINDOWS 95, WINDOWS 2000, and LAN MANAGER are trademarks of Microsoft Corporation, LANTASTIC is a trademark of Artisoft). The secure network 100 may be connectable to other networks, including other LANs or portions of the Internet or an intranet, through a gateway or similar mechanism.

The secure network 100 includes one or more file or object or Web servers such as a target server 104. The secure network 100 also includes at least one border server 106. The target server 104 and the border server 106 will often run on separate machines, but they may be merely separate processes which share one machine.

In the illustrated configuration, the border server 106 includes an URL transformer 108 and one or more caches 110. As discussed in greater detail below, the URL transformer 108 modifies uniform resource locators (URLs) to protect the confidentiality of data sent to a user outside the secure network 100. The caches 110 are also discussed below.

The secure network 100 may include additional servers and zero or more internal clients. The servers and the internal clients (if any) within the secure network 100 are connected by network signal lines to permit communications links between them in the form of network connections. In addition to their functionality as described herein, one or more of the servers 104, 106 may also be configured by those of skill in the art in a wide variety of ways to operate as Internet servers, as intranet servers, as proxy servers, as directory service providers or name servers, as software component or other object servers, or as a combination thereof. A given computer may function both as an internal client and as a server; this may occur, for instance, in peer-to-peer networks or on computers running Microsoft Windows NT or Windows 2000 software. The servers 104, 106 may be uniprocessor or multiprocessor machines. The servers 104, 106 and internal clients (if any) each include an addressable storage medium such as random access memory and/or a nonvolatile storage medium such as a magnetic or optical disk.

Suitable network 100 internal clients include, without limitation, personal computers, laptops, workstations, disconnectable mobile computers, mainframes, information appliances, personal digital assistants, and other handheld and/or embedded processing systems. The signal lines which support communications links to the servers 104, 106 may include twisted pair, coaxial, or optical fiber cables, telephone lines, satellites, microwave relays, modulated AC power lines, and other data transmission “wires” known to those of skill in the art. Signals according to the invention may be embodied in such “wires” and/or in the addressable storage media (volatile and/or nonvolatile). In addition to the servers 104, 106 and any internal client computers, the secure network 100 may include other equipment such as printers, plotters, and/or disk arrays. Although particular individual and network computer systems and components are shown, those of skill in the art will appreciate that the present invention also works with a variety of other networks and computers.

One or more of the servers 104, 106 and internal clients may be capable of using floppy drives, tape drives, optical drives or other means to read a storage medium. A suitable storage medium includes a magnetic, optical, or other computer-readable storage device having a specific physical substrate configuration. Suitable storage devices include floppy disks, hard disks, tape, CD-ROMs, PROMs, RAM and other computer system storage devices. The substrate configuration represents data and instructions which cause the computer system to operate in a specific and predefined manner as described herein. Thus, the medium tangibly embodies a program, functions, and/or instructions that are executable by the servers 104, 106 and/or clients to perform secure network access steps of the present invention substantially as described herein.

The illustrated novel configurations also include an external client 112 which resides (at least initially) outside the security perimeter 102. The external client 112 may be a single workstation, for instance, or another machine of the types discussed above in reference to internal clients. Indeed, internal clients and external clients may differ merely in physical location and in the fact that internal clients have ready access to data stored on the target server 104 without the present invention while external clients gain access through the invention. The external client 112 may also be a server which provides secure access between the secure network 100 and one or more secondary clients 114 on a network 116 which is served by and/or accessed through the client 112.

Operation

With continued reference to FIG. 1 and with reference to FIG. 2 as well, the invention operates generally in the following manner. During a requesting step 120, the external client 112 requests access to data which is stored on the target server 104. From the perspective of the target server 104, this involves receiving a request during a step 200.

By checking the IP address from which the request was made, communicating with the firewall software, or other familiar means, the target server 104 determines that the request came from outside the security parameter 102. Accordingly, the target server 104 does not simply provide the requested data. Of course, even if the request came from inside the security parameter 102, the target server would generally check user permissions against access control lists associated with the data, or take other steps to make sure the requesting user is entitled to access the requested data before providing that data. User permissions, access control lists, labels, and similar security controls which have a granularity smaller than the security perimeter 102 may continue to be used in combination with the security constraints described herein.

In one embodiment, a redirector on the border server 106 redirects the request from the client 112 to the border server 106 during a step 122. The border server 106 is advertised as the target server 104. In practice, the border server 106 will often be on a separate machine than the target server 104, but those of skill in the art will appreciate that the target server 104 and the border server 106 may also run on the same machine. The redirection may be accomplished using redirection capabilities which are part of the HTTP protocol. These redirection capabilities are conventionally used to automatically redirect Web browsers when a Web site has moved, that is, when the URL for the Web site has changed. In the context of the present convention, the Web site for which access is sought has not moved, in that the desired data still resides on the target server 104. Instead, HTTP redirection provides a convenient and efficient tool for sending requests from external clients to the border server 106 to maintain security as described herein.

For example, assume that the target server 104 is identified by the URL “http://www.Novell.com”. The redirection step 122 might return the following URL to the external client 112:

https://BorderManager:443?“http://www.Novell.com”

(for authentication), or it might return the URL:

https://BorderManager:443?“https://www.Novell.com:443”

(authentication and force through the SSL-izer). Several things are worth noting in such a redirection URL signal.

First, the redirection signal seeks to change the protocol from HTTP to HTTPS. As those of skill in the art will recognize, the HTTPS protocol uses secure sockets layer communication. A familiar embodiment of secure sockets layer communication is provided by SSL software operating according to U.S. Pat. No. 5,825,890 assigned to Netscape Communications Corporation. However, as used herein the term “secure sockets layer communication” is not limited to SSL connections but instead includes any form of network communication which utilizes encryption in TCP/IP sockets and which is widely available in Web browsers and the servers with which those browsers communicate.

Second, the redirection signal refers to the border server 106 as “BorderManager” in deference to the BorderManager product line from Novell, Inc. (BorderManager is a mark of Novell, Inc.). Those of skill in the art will understand that the border server 106 need not be a Novell BorderManager server, but need merely operate as claimed herein.

Third, the redirection signal refers to port 443 of the border server 106. Those of skill in the art will appreciate that other ports may also be used, through a port override, for instance. Moreover, redirection need not utilize a dedicated port; it is simply convenient in many cases to do so.

Fourth, in its most general form, the redirection signal simply includes a delimited non-secure URL adjoined to a secure URL. The non-secure URL http://www.Novell.com identifies the target server 104, while the secure UPL https:/BorderManager identifies the border server 106. To conform with HTTP syntax, the non-secure URL is delimited in the example redirection signal by double quotes, other delimiters may be used with other protocols. The non-secure URL is non-secure because it does not require use of a secure connection such as a secure sockets layer or SSL link; the secure URL is secure because it does require such a secure connection.

Fifth, those of skill in the art will appreciate that directory path names and filenames may be appended to these examples to identify specific Web pages or other protected resources. For instance, the original request may have been for the web page which is located at “http://www.Novell.com/˜hashem/foo_design.htm”.

Sixth, those of skill in the art will also appreciate that FTP files, gopher resources, and other data on the target server 104 may be handled in a similar manner.

Finally, those of skill in the art will appreciate that a wide variety of signal field orderings, data sizes, and data encodings, and other variations are possible. The inventive signals may also be embodied in a system in various media. For instance, they may take the form of data stored on a disk or in RAM memory, or the form of signals on network communication lines. Some embodiments will include all signal elements discussed above, while others omit and/or supplement those elements. However, the distinctive features of the invention, as set forth in the appended claims, will be apparent in each embodiment to those of skill in the art.

During a step 124, a secure connection is formed between the border server 106 and the external client 112. This connection may be, for instance, an SSL connection formed in response to use of “https” as a protocol indicator in a request from the client 112 to the border server 106. For convenience, reference is made primarily to connections with a user of the external client 112. However, as noted earlier the client 112 may itself be a server or another node in a communications path between a user who is located at another machine 114 and who is seeking access to target server 104 data.

As indicated in FIG. 2, in some cases the external client 112 may contact the border server 106 directly so that no redirection is needed. That is, the initial request for access to the target server 104 may be directed to the border server 106 to save time. Moreover, the initial request may be combined with a request for a secure connection as discussed with reference to step 124.

Alternatively, the secure connection may be formed during step 124 before a specific request is made to the target server 104 despite the fact that step 200 is shown above step 124 in FIG. 2. More generally, steps according to the present invention may be performed in a variety of orders and the execution of steps may overlap when the result of one step is not required by another step. Steps may also be omitted, renamed, repeated, or grouped differently than shown, provided they accomplish the claimed process.

During a step 126, the user is authenticated to the secure network 100. This generally involves transmitting user authentication information over the secure connection from the client 112 to the border server 106, verifying the information within the secure network 100, and notifying the user that the authentication information has been accepted as valid. This may be accomplished in various ways.

For instance, some embodiments use an HTML page with scripts, or a Java applet, to present the user with a login screen. The user enters a user name and a corresponding password in fields shown on the login screen. The username and password are then transmitted over the secure connection to the border server 106, which passes them in turn to an authentication system within the secure network 100. If the username and password are validated by the authentication system, the border server 106 so notifies the user, and the user is then granted access to secure network 100 data as described herein (subject to permissions and the like).

In one embodiment which utilizes Novell NDS software 140, the username and user password presented by the user are that user's regular NDS name and password, which the user would typically present when logging into the secure network 100 from an internal client. The user need not manage a separate username and/or password in order to login from an external client. The login screen presented to the user may also include contextual information, such as the user's context within an NDS tree. The border server 106 presents the NDS username and password to the familiar NDS user authentication system, and looks to that authentication system for rejection or validation of the authentication information. Instead of using a Novell Directory Services database 140, or in addition to that database, the user authentication system may include a Microsoft Windows NT Domain directory 140. An embodiment of the invention which does not utilize NDS software may also authenticate a user to all servers in the secure network 100 after recognizing a single user name and a single corresponding user password.

During a step 128, non-secure data 130 is transmitted from the target server 104 to the border server 106, where it will be modified to promote continued security and then forwarded to the external client 112 during a transmitting step 132. In one embodiment, the transmitting step 128 includes a preliminary act and one or more subsequent repeated acts, as follows.

The preliminary act within the transmitting step 128 is to direct (or redirect) the external client 112 to the target server 104, and to promote use of a secure connection in so doing by making a secure connection the default. This may be done by using the HTTP redirection capability in combination with substitution of “https” for “http” in the URL which identifies the target server 104 data sought by the external client 112. In the example above, the original request from the external client 112 was for data at “http://www.Novell.com” so the redirection back to the target server 104 (after the user is authenticated to the secure network 100 during step 126) would seek data at “https://www.Novell.com” with directory and path names appended as in the original request.

The possibly repeated acts within the transmitting step 128 involve sending one or more Web pages, files, or other pieces of non-secure data 130 from the target server 104 to the border server 106. The data 130 is non-secure in that it includes hypertext links, URLs, or other references which, if presented by the external client 112 to the secure network 100, would not necessarily require use of a secure connection such as an SSL connection and which might allow non-secure access to protected network 100 data. For instance, Web pages which contain URLs specifying “http://” rather than “https://” in reference to data stored on the target server 104 are examples of non-secure data 130.

During an optional caching step 202, the non-secure data 130 may be cached in a cache 110 at the border server 106. Caching tools and techniques familiar in the art may be used; caching is discussed further below.

During a transforming step 204, the non-secure data 130 is transformed into secure data 134 by an URL transformer 108 which replaces non-secure URLs with corresponding secure URLs. For instance, the URL transformer 108 may employ familiar string search-and-replace algorithms to replace each instance of the string “http” which is tagged in HTML data 130 as an LRL protocol indicator by the string “https”. As noted, similar steps may be taken with FTP and other protocol indicators.

Care should be taken to avoid replacing string instances which are not being used within an URL as a protocol indicator. For example, instances of the string “http” in the text of this patent application would not be replaced, nor would instances which are being used as part of a directory path or a filename rather than a protocol indicator, because such replacements would not promote continued use of secure sockets layer communication.

Like other elements of the present invention, the transformer 108 may be implemented using the teachings presented here with programming languages and tools such as Java, Pascal, C++, C, Pert, shell scripts, assembly, firmware, microcode, logic arrays, PALs, ASICs, PROMS, and/or other languages, circuits, or tools as deemed appropriate by those of skill in the art.

During an optional caching step 206, the secure data 134 may be cached, using caching tools and techniques familiar in the art. Either, both, or neither of the caching steps 202, 206 may be present in a given embodiment. That is, the border server 106 may include zero, one, or two caches 110.

For instance, the non-secure data 130 may be stored in one cache 110 while the secure data 134 is stored in another cache 110. Secure data 134 is transmitted during a step 132 to external clients 112 from the secure cache 110, while non-secure data 130 is provided to internal clients from the non-secure cache 110. This split cache configuration provides the benefits of caching both to external clients and to internal clients, and it does not impose URL transformation processing costs on internal clients that only access non-secure data 130.

Another configuration stores data requested by external clients in one cache 110 regardless of whether the data has also been requested by internal clients, and stores data requested only by internal clients in another cache 110. The data requested by external clients is stored in its non-secure form and its URLs are transformed to create secure data 134 only as needed before putting data on the wire to an external client. The data sent to internal clients may include a mixture of non-secure data 130 and secure data 134; during step 132 only secure data 134 is sent to external clients.

Alternatively, all data sent to internal and/or external clients may be stored in a single cache 110, with URL transformation again being performed on-the-fly as needed when cached data is to be sent to an external client during step 132. Of course, caching may also be simply omitted in some embodiments.

As discussed above, the invention may operate by sending non-secure data 130 from the target server 104 to the border server 106, where the data is transformed by the URL transformer 108 and then transmitted as secure data 134 to the external client 112. Several variations on this approach are also possible according to the invention. Some involve caching alternative discussed above. Other variations alter the location or function of the UL transformer 108 and/or involve tunneling.

For example, after the user is authenticated during step 126 the border server 106 may function merely as a node on a path which carries secure data 134 from the target server 104 to the external client 112. This configuration may be appropriate if the target server 104 only holds secure data 134. Even if the URL transformer 108 rarely or never modifies any URLs in practice, it may still be capable of performing such modifications in case its filtering function does find any non-secure URLs. In addition, or as an alternative, the URL transformer 108 may notify an administrator if non-secure URLs are found.

It may also be appropriate for the border server 106 to function merely as a data carrier node if an URL transformer 108 is part of the target server 104 instead of (or in addition to) being part of the border server 106. The target server 104 can then transform any non-secure data 130 into secure data 134 before forwarding that data 134 to the border server 106 for subsequent transmission to the external client 112. For example, in one embodiment a transmitting step 136 sends secure data in tunneling packets 138 to the border server 106, which then forwards the data 138 to the external client 112 during a step 132. Familiar tunneling tools and techniques may be used during step 136 to transmit data which has been made secure through URL transformation according to the invention.

Additional Information

FIGS. 3 and 4 further illustrate the invention. FIG. 3 shows a configuration containing two target servers 300, 302, illustrating the fact that some embodiments of the invention involve two (or more) target servers 104. Thus, confidential data 304 to which an external client 112 seeks access may be stored in the secure network 100 on one or more target servers 104. The protected data 304 may be a mix of secure (e.g., containing “https” only) data and non-secure (e.g. at least one instance of “http” referring to data within the secure network 100) data.

In FIG. 3 the URL transformer 108 is located in the border server 106. By contrast, FIG. 4 shows a configuration in which the URL transformer 108 is part of the target server 104. Accordingly, the configuration of FIG. 3 assumes that non-secure confidential data 304 is sent from the target server 104 to the border server 106, transformed at the border server 106 by the URL transformer 108, and then provided to the external client 112. By contrast, the configuration of FIG. 4 assumes that non-secure confidential data 304 is transformed into secure data by the URL transformer 108 at the target server 104, after which the modified data is sent either directly to the external client 112 (bypassing the border server 106) or indirectly to that client 112 by way of the border server 106. Indirect transmission of secure data from the target server 104 through the border server 106 to the external client 112 could utilize, for instance, familiar tunneling tools and techniques.

For purposes of illustration, FIG. 3 shows both a non-secure data cache 306 and a secure data cache 308 as part of the border server 106. As discussed above, however, the border server 106 may also be configured according to the invention with only one of these two caches 306, 308, or with a combined cache 110 containing both secure and non-secure data, or with no cache 110. Those of skill in the art will also appreciate that the target server 104 may also include zero or more caches 110.

The border server 106 includes secure sockets layer software 310, and the external client 112 includes corresponding secure sockets layer software 318. As noted above, any commercially available software which provides a secure connection through encryption at the sockets level can be used to form the secure connection provided by the software 310, 318. Suitable software 310, 318 thus includes the SSL software provided commercially by Netscape Corporation and other vendors.

The border server 106 also includes management software 312. In various embodiments, the management software 312 provides some or all of the following functionality to permit system operation as discussed herein: handling requests which are redirected during step 122 and subsequently redirecting the external user back to that target server 104 after step 124 forms a secure connection and step 126 authenticates the user; invoking the URL transformer 108 as necessary to prevent non-secure data from being transmitted to an external client 112; managing the caches 110; interfacing with a network user authentication system 316 such as the NDS authentication system, logging user and/or system activity; alerting administrators to possible problems such as multiple failed authentication attempts, failed secure connection attempts and/or lack of resources such as memory or disk space; and managing information such as the IP address and/or session identifier used by a given external client 112 to make certain that secure data is transmitted only to the authenticated user.

The border server 106 also includes standard network and operating system software 314. Suitable networking software 314 includes Novell NetWare software, various TCP/IP implementations, Ethernet software, and other commercially available networking software. Suitable operating system software 314 includes UNIX, Linux, and UNIX variations, Microsoft Windows, and other commercially available operating system software.

The client 112 likewise includes networking and operating system software 320. Suitable software 320 includes commercially available software such as that previously mentioned. It is not necessary for the client 112 and the border server 106 to be running the same operating system and/or the same networking software, so long as a secure connection can be formed. For instance, the border server 106 might use UNIX software while the client 112 runs Windows 2000 software, with each using their respective SSL software to provide the necessary secure connection.

The client 112 includes an application program or some other piece of requesting software 322 which makes the access request during step 120. Requests may be prompted by human users and/or by system tasks or threads. The software 322 which seeks access to confidential data 304 from outside the security perimeter 102 will often be a Web browser. However, the present invention also provides secure access to other types of requesting software, including without limitation: indexing programs, search programs, database-building tools, archival tools, administrative tools, collaborative writing tools, multimedia conferencing software, and lower-level software such as file system software, operating system software, and/or networking software.

The client 112 also contains user authentication information 324. As noted above, the authentication information 324 which is used to authenticate the user and/or client to the network 100 during step 126 will often include a user name and a corresponding user password. These are preferably the same name and password used by the authorized user to log into an internal client of the secure network 100. In place of, or in addition to a user name and password, the authentication information may include certificates, tokens, public keys, and/or data from authentication tools such as biometric scans, voice prints, retinal scans, fingerprint scans, magnetic card reader results, and so on. A wide variety of suitable authentication information is familiar to those of skill in the art.

The configuration shown in FIG. 4 has much in common with the configuration shown in FIG. 3, at least with respect to many of the individual components. For instance, the comments made above regarding the confidential data 304, the caches 110, the URL transformer 108, the secure sockets layer software 310, 318, the network and operating system software 314, 320, the requesting software 322, the network user authentication system 316, and the user authentication information 324 apply to both Figures.

However, the functionality of the management software 312 on the border server 106 may be divided in the configuration of FIG. 4 between management and tunneling software 400 in the target server 104 and management and tunneling software 402 in the border server 106. The management software 312 functionality may also be supplemented by tunneling functionality. Suitable tunneling functionality is available through the literature and commercially available tunneling implementations.

The software 400 may also include the redirector for redirecting to the border server 106 the request made by the client 112 for direct access to the target server 104. This allows user authentication during step 126 to be performed by the border server 106 while URL transformation and data transmission are performed by the target server 104 and/or by the target server 104 in combination with the border server 106.

SUMMARY

The present invention uses novel URL transformations and/or more familiar mechanisms such as HTTP redirection and SSL software to provide secure authentication of a user from an external client and to then provide secure transmission of confidential data between the target server and the external client. By transforming non-secure URLs into secure URLs, the invention forces continued use of secure communications despite the inherent security problems of HTTP. These problems arise from the fact that HTTP does not normally “remember” security requirements from one Web page transmission to the next. The present invention forces use of a secure connection each time the user follows an URL to confidential data. Moreover, the invention provides this security without requiring any additional distribution or installation of client software onto the external client(s) beyond that which is already widely used.

Although particular methods and signal formats embodying the present invention are expressly described herein, it will be appreciated that system and storage media embodiments may also be formed according to the signals and methods of the present invention. Unless otherwise expressly indicted, the description herein of methods and signals of the present invention therefore extends to corresponding systems and storage media, and the description of systems and storage media of the present invention extends likewise to corresponding methods and signals.

As used herein, terms such as “a” and “the” and item designations such as “URL” are inclusive of one or more of the indicated item. In particular, in the claims a reference to an item means at least one such item is required. When/exactly one item is intended, this document will state that requirement expressly.

The invention may be embodied in other specific forms without departing from its essential characteristics. The described embodiments are to be considered in all respects only as illustrative and not restrictive. Headings are for convenience only. The scope of the invention is, therefore, indicated by the appended claims rather than by the foregoing description. All changes which come within the meaning and range of equivalency of the claims are to be embraced within their scope.

Claims (20)

1. A computer readable medium including a border server software, said border server software comprising:
secure connection software for secure communication with a client where the client resides in an insecure network;
insecure connection software for communicating with a target server where the target server resides in a secure network; and
a transformer software configured to transform a secure request received from the client to an insecure request for the target server, the transformer software configured to transform insecure data received from the target server into secure data wherein the transformer software enables said request and data transformation simultaneously with client authentication; and
the transformer software configured to send the secure data to the client upon authentication of the client.
2. The border server of claim 1, wherein the transformer transforms the secure request, which is a Uniform Resource Locator (URL) request, and wherein the secure connection software is used by a browser of the client to issue the secure request.
3. The border server of claim 1, wherein the transformer transforms the insecure data by sending the insecure data to the client as the secure data using a Hypertext Markup Transfer Protocol over a Secure Sockets Layer (HTTPS) which is used by the secure connection software.
4. The border server of claim 1, wherein the target server is indirectly accessible to the client via the transformer while the client remains authenticated.
5. The border server of claim 1, wherein the client is authenticated by an authentication system on the secure network.
6. The border server of claim 1, wherein the transformer maintains a cache having the secure data for servicing subsequent requests for the secure data.
7. The border server of claim 1 further comprising a redirector that intercepts and redirects the secure requests to the transformer.
8. A method for operating a border server software, said method comprising:
receiving a secure request a client over an insecure network;
transforming the secure request into an insecure request, wherein the transforming of the secure request are enabled and executed simultaneously with the client authentication, sending the insecure request to a target server residing in a secure network;
receiving insecure data from the target server; and
transforming the insecure data into secure data and sending the secure data to the client over the insecure network, if the client was successfully authenticated.
9. The method of claim 8 further comprising checking a cache within the secure network for the insecure data before sending the insecure request to the target server.
10. The method of claim 8 wherein the receiving further includes intercepting, by the border server, the secure request sent from the client, wherein the secure request was originally directed from the client to the target server.
11. The method of claim 8 wherein the transforming of the secure request further includes sending the insecure request to the target server within a secure intranet environment which is the secure network.
12. The method of claim 8 wherein the transforming of the secure request includes using a directory services database in connection with an authentication system to authenticate the client.
13. The method of claim 8 wherein the transforming of the secure request includes blocking, by the border server, direct access from the client to the target server.
14. The method of claim 8 wherein the receiving further includes receiving a username and password with the secure request which is used when authenticating the client.
15. A method for operating a border server software, comprising:
intercepting a secure request issued from a client for secure data accessible from a secure network, wherein the secure request is intercepted from an insecure network;
authenticating the client during an operation to transform the secure request into an insecure request within the secure network, wherein the client authentication and transformation of the secure request are enabled and executed simultaneously; and
locating the secure data within the secure network and transforming the secure data into insecure data for delivery to the client over the insecure network using secure communications.
16. The method of claim 15 wherein the intercepting further includes intercepting the secure request that was originally directed to a target server having the secure data and located within the secure network.
17. The method of claim 15 wherein the locating further includes using Secure Socket Layer protocols as the secure communications over the Internet which is the insecure network.
18. The method of claim 15 wherein the locating further includes issuing the insecure request to a target server within the secure network in order to acquire the secure data.
19. The method of claim 15 wherein the locating further includes checking a cache for the secure data.
20. The method of claim 15 further comprising, storing the secure data in a cache accessible from the secure network to satisfy subsequent secure requests for the secure data.
US10650211 1999-03-16 2003-08-28 Secure intranet access Active 2019-04-11 US6950936B2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US09268795 US6081900A (en) 1999-03-16 1999-03-16 Secure intranet access
US09493506 US6640302B1 (en) 1999-03-16 2000-01-28 Secure intranet access
US10650211 US6950936B2 (en) 1999-03-16 2003-08-28 Secure intranet access

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US10650211 US6950936B2 (en) 1999-03-16 2003-08-28 Secure intranet access
US10784440 US8060926B1 (en) 1999-03-16 2004-02-23 Techniques for securely managing and accelerating data delivery
US10814983 US7904951B1 (en) 1999-03-16 2004-03-31 Techniques for securely accelerating external domains locally

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US09493506 Continuation US6640302B1 (en) 1999-03-16 2000-01-28 Secure intranet access

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US10784440 Continuation-In-Part US8060926B1 (en) 1999-03-16 2004-02-23 Techniques for securely managing and accelerating data delivery

Publications (2)

Publication Number Publication Date
US20040049702A1 true US20040049702A1 (en) 2004-03-11
US6950936B2 true US6950936B2 (en) 2005-09-27

Family

ID=23024520

Family Applications (3)

Application Number Title Priority Date Filing Date
US09268795 Active US6081900A (en) 1999-03-16 1999-03-16 Secure intranet access
US09493506 Active US6640302B1 (en) 1999-03-16 2000-01-28 Secure intranet access
US10650211 Active 2019-04-11 US6950936B2 (en) 1999-03-16 2003-08-28 Secure intranet access

Family Applications Before (2)

Application Number Title Priority Date Filing Date
US09268795 Active US6081900A (en) 1999-03-16 1999-03-16 Secure intranet access
US09493506 Active US6640302B1 (en) 1999-03-16 2000-01-28 Secure intranet access

Country Status (1)

Country Link
US (3) US6081900A (en)

Cited By (67)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030101116A1 (en) * 2000-06-12 2003-05-29 Rosko Robert J. System and method for providing customers with seamless entry to a remote server
US20030108063A1 (en) * 2001-12-07 2003-06-12 Joseph Moses S. System and method for aggregating multiple information channels across a network
US20050060384A1 (en) * 2003-09-11 2005-03-17 International Business Machines Corporation Providing hyperlinks in web documents linkable to other alternative web documents in a world wide web network
US20050177746A1 (en) * 2003-12-22 2005-08-11 International Business Machines Corporation Method for providing network perimeter security assessment
US20050246383A1 (en) * 2004-04-30 2005-11-03 Desai Ajay M Web object access authorization protocol based on an HTTP validation model
US20070234408A1 (en) * 2006-03-31 2007-10-04 Novell, Inc. Methods and systems for multifactor authentication
US20080209524A1 (en) * 2007-02-23 2008-08-28 Microsoft Corporation Caching public objects with private connections
US20080256020A1 (en) * 2007-04-10 2008-10-16 Apertio Limited Variant entries in network data repositories
US20080256083A1 (en) * 2007-04-10 2008-10-16 Apertio Limited Alias hiding in network data repositories
US20080253403A1 (en) * 2007-04-10 2008-10-16 Apertio Limited Nomadic subscriber data system
US20080256250A1 (en) * 2007-04-10 2008-10-16 Apertio Limited Sub-tree access control in network architectures
US20080270612A1 (en) * 2007-04-30 2008-10-30 Microsoft Corporation Enabling secure remote assistance using a terminal services gateway
US7461262B1 (en) * 2002-03-19 2008-12-02 Cisco Technology, Inc. Methods and apparatus for providing security in a caching device
US20090110200A1 (en) * 2007-10-25 2009-04-30 Rahul Srinivas Systems and methods for using external authentication service for kerberos pre-authentication
WO2009114436A2 (en) * 2008-03-10 2009-09-17 Invicta Networks, Inc. Method and system for secure data exfiltration from a closed network or system
US7681034B1 (en) 2001-12-12 2010-03-16 Chang-Ping Lee Method and apparatus for securing electronic data
US7685013B2 (en) 1999-11-04 2010-03-23 Jpmorgan Chase Bank System and method for automatic financial project management
US7689504B2 (en) 2001-11-01 2010-03-30 Jpmorgan Chase Bank, N.A. System and method for establishing or modifying an account with user selectable terms
US7703140B2 (en) 2003-09-30 2010-04-20 Guardian Data Storage, Llc Method and system for securing digital assets using process-driven security policies
US7707427B1 (en) 2004-07-19 2010-04-27 Michael Frederick Kenrich Multi-level file digests
US7729995B1 (en) 2001-12-12 2010-06-01 Rossmann Alain Managing secured files in designated locations
US7730543B1 (en) 2003-06-30 2010-06-01 Satyajit Nath Method and system for enabling users of a group shared across multiple file security systems to access secured files
US7756816B2 (en) 2002-10-02 2010-07-13 Jpmorgan Chase Bank, N.A. System and method for network-based project management
USRE41546E1 (en) 2001-12-12 2010-08-17 Klimenty Vainstein Method and system for managing security tiers
US7783765B2 (en) 2001-12-12 2010-08-24 Hildebrand Hal S System and method for providing distributed access control to secured documents
US7836310B1 (en) 2002-11-01 2010-11-16 Yevgeniy Gutnik Security system that uses indirect password-based encryption
US7890990B1 (en) 2002-12-20 2011-02-15 Klimenty Vainstein Security system with staging capabilities
US7904951B1 (en) 1999-03-16 2011-03-08 Novell, Inc. Techniques for securely accelerating external domains locally
US7921284B1 (en) 2001-12-12 2011-04-05 Gary Mark Kinghorn Method and system for protecting electronic data in enterprise environment
US7921288B1 (en) 2001-12-12 2011-04-05 Hildebrand Hal S System and method for providing different levels of key security for controlling access to secured items
US7921450B1 (en) 2001-12-12 2011-04-05 Klimenty Vainstein Security system using indirect key generation from access rules and methods therefor
US7930756B1 (en) 2001-12-12 2011-04-19 Crocker Steven Toye Multi-level cryptographic transformations for securing digital assets
US7950066B1 (en) 2001-12-21 2011-05-24 Guardian Data Storage, Llc Method and system for restricting use of a clipboard application
US7966496B2 (en) 1999-07-02 2011-06-21 Jpmorgan Chase Bank, N.A. System and method for single sign on process for websites with multiple applications and services
US7987501B2 (en) 2001-12-04 2011-07-26 Jpmorgan Chase Bank, N.A. System and method for single session sign-on
US8006280B1 (en) 2001-12-12 2011-08-23 Hildebrand Hal S Security system for generating keys from access rules in a decentralized manner and methods therefor
US20110264905A1 (en) * 2010-04-21 2011-10-27 Michael Ovsiannikov Systems and methods for split proxying of ssl via wan appliances
US20110271114A1 (en) * 2006-10-19 2011-11-03 Mark Wayne Baysinger System and method for authenticating remote server access
US8060926B1 (en) 1999-03-16 2011-11-15 Novell, Inc. Techniques for securely managing and accelerating data delivery
US8065720B1 (en) 2004-01-06 2011-11-22 Novell, Inc. Techniques for managing secure communications
US8065713B1 (en) 2001-12-12 2011-11-22 Klimenty Vainstein System and method for providing multi-location access management to secured items
US20120023158A1 (en) * 2009-04-14 2012-01-26 Ashwin Kashyap Method for secure transfer of multiple small messages
US8127366B2 (en) 2003-09-30 2012-02-28 Guardian Data Storage, Llc Method and apparatus for transitioning between states of security policies used to secure electronic documents
US8160960B1 (en) 2001-06-07 2012-04-17 Jpmorgan Chase Bank, N.A. System and method for rapid updating of credit information
US8176334B2 (en) 2002-09-30 2012-05-08 Guardian Data Storage, Llc Document security system that permits external users to gain access to secured files
US8185940B2 (en) 2001-07-12 2012-05-22 Jpmorgan Chase Bank, N.A. System and method for providing discriminated content to network users
US20120210414A1 (en) * 2011-02-15 2012-08-16 Canon Kabushiki Kaisha Information processing system, method for controlling information processing system, and storage medium
US8266674B2 (en) 2001-12-12 2012-09-11 Guardian Data Storage, Llc Method and system for implementing changes to security policies in a distributed security system
US8301493B2 (en) 2002-11-05 2012-10-30 Jpmorgan Chase Bank, N.A. System and method for providing incentives to consumers to share information
US8307067B2 (en) 2002-09-11 2012-11-06 Guardian Data Storage, Llc Protecting encrypted files transmitted over a network
US8321682B1 (en) 2008-01-24 2012-11-27 Jpmorgan Chase Bank, N.A. System and method for generating and managing administrator passwords
US8335855B2 (en) 2001-09-19 2012-12-18 Jpmorgan Chase Bank, N.A. System and method for portal infrastructure tracking
USRE43906E1 (en) 2001-12-12 2013-01-01 Guardian Data Storage Llc Method and apparatus for securing digital assets
US8473735B1 (en) 2007-05-17 2013-06-25 Jpmorgan Chase Systems and methods for managing digital certificates
US8543827B2 (en) 2001-12-12 2013-09-24 Intellectual Ventures I Llc Methods and systems for providing access control to secured data
US8571975B1 (en) 1999-11-24 2013-10-29 Jpmorgan Chase Bank, N.A. System and method for sending money via E-mail over the internet
US8583926B1 (en) 2005-09-19 2013-11-12 Jpmorgan Chase Bank, N.A. System and method for anti-phishing authentication
US8613045B1 (en) * 2008-05-01 2013-12-17 F5 Networks, Inc. Generating secure roaming user profiles over a network
US8613102B2 (en) 2004-03-30 2013-12-17 Intellectual Ventures I Llc Method and system for providing document retention using cryptography
US8707034B1 (en) 2003-05-30 2014-04-22 Intellectual Ventures I Llc Method and system for using remote headers to secure electronic files
US8793490B1 (en) 2006-07-14 2014-07-29 Jpmorgan Chase Bank, N.A. Systems and methods for multifactor authentication
US8849716B1 (en) 2001-04-20 2014-09-30 Jpmorgan Chase Bank, N.A. System and method for preventing identity theft or misuse by restricting access
US20160197886A1 (en) * 2015-01-07 2016-07-07 Anchorfree Inc. Secure personal server system and method
US9419957B1 (en) 2013-03-15 2016-08-16 Jpmorgan Chase Bank, N.A. Confidence-based authentication
US9608826B2 (en) 2009-06-29 2017-03-28 Jpmorgan Chase Bank, N.A. System and method for partner key management
US9646304B2 (en) 2001-09-21 2017-05-09 Jpmorgan Chase Bank, N.A. System for providing cardless payment
US9654473B2 (en) 2013-06-28 2017-05-16 Bmc Software, Inc. Authentication proxy agent

Families Citing this family (382)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6754712B1 (en) * 2001-07-11 2004-06-22 Cisco Techonology, Inc. Virtual dial-up protocol for network communication
US6307837B1 (en) * 1997-08-12 2001-10-23 Nippon Telegraph And Telephone Corporation Method and base station for packet transfer
FI104666B (en) * 1997-11-10 2000-04-14 Nokia Networks Oy a secure handshake
DE69833929D1 (en) * 1998-04-10 2006-05-11 Sun Microsystems Inc Network access authentication system
US6965999B2 (en) * 1998-05-01 2005-11-15 Microsoft Corporation Intelligent trust management method and system
US8516055B2 (en) 1998-05-29 2013-08-20 Research In Motion Limited System and method for pushing information from a host system to a mobile data communication device in a wireless data network
US6256671B1 (en) * 1998-06-24 2001-07-03 Nortel Networks Limited Method and apparatus for providing network access control using a domain name system
US6272491B1 (en) * 1998-08-24 2001-08-07 Oracle Corporation Method and system for mastering locks in a multiple server database system
US6502135B1 (en) 1998-10-30 2002-12-31 Science Applications International Corporation Agile network protocol for secure communications with assured system availability
US7188180B2 (en) * 1998-10-30 2007-03-06 Vimetx, Inc. Method for establishing secure communication link between computers of virtual private network
US7010604B1 (en) * 1998-10-30 2006-03-07 Science Applications International Corporation Agile network protocol for secure communications with assured system availability
US7418504B2 (en) 1998-10-30 2008-08-26 Virnetx, Inc. Agile network protocol for secure communications using secure domain names
US6389462B1 (en) * 1998-12-16 2002-05-14 Lucent Technologies Inc. Method and apparatus for transparently directing requests for web objects to proxy caches
US6418472B1 (en) * 1999-01-19 2002-07-09 Intel Corporation System and method for using internet based caller ID for controlling access to an object stored in a computer
US7130831B2 (en) * 1999-02-08 2006-10-31 Copyright Clearance Center, Inc. Limited-use browser and security system
US6081900A (en) * 1999-03-16 2000-06-27 Novell, Inc. Secure intranet access
US6760746B1 (en) * 1999-09-01 2004-07-06 Eric Schneider Method, product, and apparatus for processing a data request
US6542967B1 (en) 1999-04-12 2003-04-01 Novell, Inc. Cache object store
US6226752B1 (en) * 1999-05-11 2001-05-01 Sun Microsystems, Inc. Method and apparatus for authenticating users
US7219072B1 (en) * 1999-06-01 2007-05-15 International Business Machines Corporation Method and system for co-browsing in electronic commerce
US7146505B1 (en) 1999-06-01 2006-12-05 America Online, Inc. Secure data exchange between date processing systems
US6381631B1 (en) * 1999-06-03 2002-04-30 Marimba, Inc. Method and apparatus for controlling client computer systems
US6526513B1 (en) * 1999-08-03 2003-02-25 International Business Machines Corporation Architecture for dynamic permissions in java
US6401125B1 (en) * 1999-08-05 2002-06-04 Nextpage, Inc. System and method for maintaining state information between a web proxy server and its clients
US6877036B1 (en) * 1999-09-24 2005-04-05 Akamba Corporation System and method for managing connections between a client and a server
DE69941817D1 (en) * 1999-10-14 2010-01-28 Alcatel Lucent A method for connecting a user terminal to a second user terminal device, and software module for
US8762446B1 (en) * 1999-11-02 2014-06-24 Apple Inc. Bridged distributed device control over multiple transports method and apparatus
US7321864B1 (en) * 1999-11-04 2008-01-22 Jpmorgan Chase Bank, N.A. System and method for providing funding approval associated with a project based on a document collection
US7680819B1 (en) * 1999-11-12 2010-03-16 Novell, Inc. Managing digital identity information
US6643701B1 (en) * 1999-11-17 2003-11-04 Sun Microsystems, Inc. Method and apparatus for providing secure communication with a relay in a network
GB2357225B (en) * 1999-12-08 2003-07-16 Hewlett Packard Co Electronic certificate
GB2357226B (en) * 1999-12-08 2003-07-16 Hewlett Packard Co Security protocol
GB2357227B (en) 1999-12-08 2003-12-17 Hewlett Packard Co Security protocol
GB2357229B (en) * 1999-12-08 2004-03-17 Hewlett Packard Co Security protocol
GB2357228B (en) * 1999-12-08 2003-07-09 Hewlett Packard Co Method and apparatus for discovering a trust chain imparting a required attribute to a subject
US7765581B1 (en) 1999-12-10 2010-07-27 Oracle America, Inc. System and method for enabling scalable security in a virtual private network
US6714982B1 (en) * 2000-01-19 2004-03-30 Fmr Corp. Message passing over secure connections using a network server
US7113994B1 (en) * 2000-01-24 2006-09-26 Microsoft Corporation System and method of proxy authentication in a secured network
US6694336B1 (en) * 2000-01-25 2004-02-17 Fusionone, Inc. Data transfer and synchronization system
US7035878B1 (en) 2000-01-25 2006-04-25 Fusionone, Inc. Base rolling engine for data transfer and synchronization system
US6671757B1 (en) 2000-01-26 2003-12-30 Fusionone, Inc. Data transfer and synchronization system
US8156074B1 (en) 2000-01-26 2012-04-10 Synchronoss Technologies, Inc. Data transfer and synchronization system
FR2804564B1 (en) * 2000-01-27 2002-03-22 Bull Sa multiapplicatif safety relay
US7003571B1 (en) 2000-01-31 2006-02-21 Telecommunication Systems Corporation Of Maryland System and method for re-directing requests from browsers for communication over non-IP based networks
US8090856B1 (en) 2000-01-31 2012-01-03 Telecommunication Systems, Inc. Intelligent messaging network server interconnection
US7689696B2 (en) * 2000-01-31 2010-03-30 Telecommunication Systems, Inc. System and method for re-directing requests from browsers for communications over non-IP based networks
US6671688B1 (en) * 2000-02-10 2003-12-30 Novell, Inc. Virtual replication for a computer directory system
US6947440B2 (en) 2000-02-15 2005-09-20 Gilat Satellite Networks, Ltd. System and method for internet page acceleration including multicast transmissions
US7502922B1 (en) 2000-03-01 2009-03-10 Novell, Inc. Computer network having a security layer interface independent of the application transport mechanism
US7703131B1 (en) * 2000-03-01 2010-04-20 Microsoft Corporation Secured distributed impersonation
US7240202B1 (en) 2000-03-16 2007-07-03 Novell, Inc. Security context sharing
US7260837B2 (en) * 2000-03-22 2007-08-21 Comscore Networks, Inc. Systems and methods for user identification, user demographic reporting and collecting usage data usage biometrics
US7930285B2 (en) * 2000-03-22 2011-04-19 Comscore, Inc. Systems for and methods of user demographic reporting usable for identifying users and collecting usage data
US7493655B2 (en) * 2000-03-22 2009-02-17 Comscore Networks, Inc. Systems for and methods of placing user identification in the header of data packets usable in user demographic reporting and collecting usage data
US7181412B1 (en) * 2000-03-22 2007-02-20 Comscore Networks Inc. Systems and methods for collecting consumer data
US9514459B1 (en) 2000-03-24 2016-12-06 Emc Corporation Identity broker tools and techniques for use with forward proxy computers
US7177901B1 (en) * 2000-03-27 2007-02-13 International Business Machines Corporation Method, system, and computer program product to redirect requests from content servers to load distribution servers and to correct bookmarks
US7522911B2 (en) * 2000-04-11 2009-04-21 Telecommunication Systems, Inc. Wireless chat automatic status tracking
US20010042202A1 (en) * 2000-04-14 2001-11-15 Horvath Charles J. Dynamically extendible firewall
US20070129955A1 (en) * 2000-04-14 2007-06-07 American Express Travel Related Services Company, Inc. System and method for issuing and using a loyalty point advance
CA2406001A1 (en) 2000-04-14 2001-10-25 American Express Travel Related Services Company, Inc. A system and method for using loyalty points
US8898340B2 (en) 2000-04-17 2014-11-25 Circadence Corporation Dynamic network link acceleration for network including wireless communication devices
US8065399B2 (en) 2000-04-17 2011-11-22 Circadence Corporation Automated network infrastructure test and diagnostic system and method therefor
WO2001080033A3 (en) 2000-04-17 2002-10-03 Circadence Corp System and method for implementing application -independent functionality within a network infrastructure
US8024481B2 (en) * 2000-04-17 2011-09-20 Circadence Corporation System and method for reducing traffic and congestion on distributed interactive simulation networks
US8510468B2 (en) 2000-04-17 2013-08-13 Ciradence Corporation Route aware network link acceleration
US8996705B2 (en) 2000-04-17 2015-03-31 Circadence Corporation Optimization of enhanced network links
USRE45009E1 (en) 2000-04-17 2014-07-08 Circadence Corporation Dynamic network link acceleration
US8195823B2 (en) * 2000-04-17 2012-06-05 Circadence Corporation Dynamic network link acceleration
US6976090B2 (en) * 2000-04-20 2005-12-13 Actona Technologies Ltd. Differentiated content and application delivery via internet
US7069592B2 (en) 2000-04-26 2006-06-27 Ford Global Technologies, Llc Web-based document system
US6772214B1 (en) * 2000-04-27 2004-08-03 Novell, Inc. System and method for filtering of web-based content stored on a proxy cache server
US8327436B2 (en) * 2002-10-25 2012-12-04 Randle William M Infrastructure architecture for secure network management with peer to peer functionality
US7509490B1 (en) * 2000-05-26 2009-03-24 Symantec Corporation Method and apparatus for encrypted communications to a secure server
US7673329B2 (en) * 2000-05-26 2010-03-02 Symantec Corporation Method and apparatus for encrypted communications to a secure server
US9213836B2 (en) * 2000-05-28 2015-12-15 Barhon Mayer, Batya System and method for comprehensive general electric protection for computers against malicious programs that may steal information and/or cause damages
JP2001344428A (en) * 2000-06-02 2001-12-14 Fuji Photo Film Co Ltd Image print ordering system using network, recording medium with digital image information recorded, and providing method for recording medium
GB2363297B (en) * 2000-06-09 2004-04-07 Hewlett Packard Co Secure network communications
US20020087884A1 (en) * 2000-06-12 2002-07-04 Hovav Shacham Method and apparatus for enhancing network security protection server performance
US20020039420A1 (en) * 2000-06-12 2002-04-04 Hovav Shacham Method and apparatus for batched network security protection server performance
US7225331B1 (en) * 2000-06-15 2007-05-29 International Business Machines Corporation System and method for securing data on private networks
US7441270B1 (en) * 2000-07-06 2008-10-21 Intel Corporation Connectivity in the presence of barriers
US7376647B1 (en) * 2000-07-18 2008-05-20 Accenture Llp Method for evaluating activity-based costs of a company
US8073954B1 (en) 2000-07-19 2011-12-06 Synchronoss Technologies, Inc. Method and apparatus for a secure remote access system
US7895334B1 (en) 2000-07-19 2011-02-22 Fusionone, Inc. Remote access communication architecture apparatus and method
US20020136226A1 (en) * 2001-03-26 2002-09-26 Bluesocket, Inc. Methods and systems for enabling seamless roaming of mobile devices among wireless networks
US7146636B2 (en) * 2000-07-24 2006-12-05 Bluesocket, Inc. Method and system for enabling centralized control of wireless local area networks
US7260638B2 (en) * 2000-07-24 2007-08-21 Bluesocket, Inc. Method and system for enabling seamless roaming in a wireless network
US7137143B2 (en) * 2000-08-07 2006-11-14 Ingrian Systems Inc. Method and system for caching secure web content
US20040015725A1 (en) * 2000-08-07 2004-01-22 Dan Boneh Client-side inspection and processing of secure content
US7571217B1 (en) 2000-08-16 2009-08-04 Parallel Networks, Llc Method and system for uniform resource locator transformation
US6925476B1 (en) 2000-08-17 2005-08-02 Fusionone, Inc. Updating application data including adding first change log to aggreagate change log comprising summary of changes
US6697860B1 (en) * 2000-08-28 2004-02-24 Viagold Direct Network Limited System and method for linking web sites
US7039612B1 (en) * 2000-09-07 2006-05-02 Sprint Communications Company L.P. Intranet platform system
US7526438B1 (en) 2000-09-18 2009-04-28 Hewlett-Packard Development Company, L.P. Localizing client purchasing of consumables for hardcody output engine and method
CA2424167C (en) * 2000-10-10 2008-07-08 Nokia Corporation Techniques for hiding network element names and addresses
US7401115B1 (en) 2000-10-23 2008-07-15 Aol Llc Processing selected browser requests
US7117262B2 (en) * 2000-11-01 2006-10-03 Inktomi Corporation Cooperative management of distributed network caches
US7103556B2 (en) * 2000-11-02 2006-09-05 Jpmorgan Chase Bank, N.A. System and method for aggregate portfolio client support
US7398226B2 (en) 2000-11-06 2008-07-08 American Express Travel Related Services Company, Inc. System and method for networked loyalty program
US6529692B1 (en) 2000-11-10 2003-03-04 Hewlett-Packard Company Consumable order-assistance system for computer peripheral device within a single connection environment and method for replenishing consumables
US7149743B2 (en) * 2000-11-17 2006-12-12 Heck.Com, Llc Virtual directory
US20020062306A1 (en) * 2000-11-21 2002-05-23 Utt Corporation, Inc., D/B/A Withit Systems and methods for controlling network communications
US7093019B1 (en) * 2000-11-21 2006-08-15 Hewlett-Packard Development Company, L.P. Method and apparatus for providing an automated login process
US20080301231A1 (en) * 2001-11-28 2008-12-04 Samir Narendra Mehta Method and System for Maintaining and Distributing Wireless Applications
CN1489736A (en) * 2000-11-28 2004-04-14 第四传递公司 Method and system for maintaining and distributing wireless applications
US7106460B2 (en) * 2000-12-08 2006-09-12 Hewlett-Packard Development Company, L.P. Reorder assistance notification of near end-of-life consumables and method
US6842588B2 (en) 2000-12-08 2005-01-11 Hewlett-Packard Development Company, L.P. Consumables/printer management system with task and calendar links
US20020072998A1 (en) * 2000-12-08 2002-06-13 Haines Robert E. Consumable order-assistance system for computer peripheral devices within a centralized network environment and method for replenishing consumable components
US6947155B2 (en) 2000-12-08 2005-09-20 Hewlett-Packard Development Company, L.P. Reorder assistance notification interaction and method
US7818435B1 (en) 2000-12-14 2010-10-19 Fusionone, Inc. Reverse proxy mechanism for retrieving electronic content associated with a local network
WO2002050695A1 (en) * 2000-12-20 2002-06-27 Talk2 Technology, Inc. Spontaneous virtual private network between portable device and enterprise network
US7124189B2 (en) * 2000-12-20 2006-10-17 Intellisync Corporation Spontaneous virtual private network between portable device and enterprise network
US8266677B2 (en) * 2000-12-20 2012-09-11 Intellisync Corporation UDP communication with a programmer interface over wireless networks
US7389293B2 (en) * 2000-12-20 2008-06-17 Oracle International Corporation Remastering for asymmetric clusters in high-load scenarios
FI20002823A (en) * 2000-12-21 2002-06-22 Nokia Corp Communication
WO2002065707A3 (en) * 2000-12-26 2003-07-17 Bluesocket Inc Methods and systems for clock synchronization across wireless networks
US7149187B1 (en) * 2000-12-28 2006-12-12 Cisco Technology, Inc. Random early detection policer using randomization of packet drops
US7028033B2 (en) * 2001-01-02 2006-04-11 Hall Aluminum Llc Method and apparatus for simplified access to online services
US7757278B2 (en) * 2001-01-04 2010-07-13 Safenet, Inc. Method and apparatus for transparent encryption
US20020099851A1 (en) * 2001-01-22 2002-07-25 Shah Hemal V. Decoupling TCP/IP processing in system area networks
US7024479B2 (en) * 2001-01-22 2006-04-04 Intel Corporation Filtering calls in system area networks
US7127742B2 (en) * 2001-01-24 2006-10-24 Microsoft Corporation Establishing a secure connection with a private corporate network over a public network
US6836795B2 (en) * 2001-01-31 2004-12-28 Microsoft Corporation Mapping connections and protocol-specific resource identifiers
US7502936B2 (en) * 2001-02-14 2009-03-10 Jsm Technologies, L.L.C. System and method providing secure access to a computer system
US6631453B1 (en) 2001-02-14 2003-10-07 Zecurity Secure data storage device
US7222101B2 (en) * 2001-02-26 2007-05-22 American Express Travel Related Services Company, Inc. System and method for securing data through a PDA portal
US7584149B1 (en) 2001-02-26 2009-09-01 American Express Travel Related Services Company, Inc. System and method for securing data through a PDA portal
US8310943B2 (en) * 2002-02-26 2012-11-13 Motorola Mobility Llc Method and system for transmission-based billing applications
US7240193B2 (en) * 2001-03-01 2007-07-03 Invicta Networks, Inc. Systems and methods that provide external network access from a protected network
US20020129149A1 (en) * 2001-03-06 2002-09-12 Kenneth Schulz Method and system for automatically directing a web user to a selected web server
US20020133717A1 (en) * 2001-03-13 2002-09-19 Ciongoli Bernard M. Physical switched network security
US7167470B2 (en) * 2001-03-15 2007-01-23 American Express Travel Related Services Company, Inc. Method and apparatus for locating a communication device using local area network switch information
US7499888B1 (en) 2001-03-16 2009-03-03 Fusionone, Inc. Transaction authentication system and method
US7739497B1 (en) * 2001-03-21 2010-06-15 Verizon Corporate Services Group Inc. Method and apparatus for anonymous IP datagram exchange using dynamic network address translation
US7181017B1 (en) 2001-03-23 2007-02-20 David Felsher System and method for secure three-party communications
US8615566B1 (en) 2001-03-23 2013-12-24 Synchronoss Technologies, Inc. Apparatus and method for operational support of remote network systems
US8555062B1 (en) * 2001-03-26 2013-10-08 Access Co., Ltd. Protocol to prevent replay attacks on secured wireless transactions
US20020144144A1 (en) * 2001-03-27 2002-10-03 Jeffrey Weiss Method and system for common control of virtual private network devices
US6775700B2 (en) * 2001-03-27 2004-08-10 Intel Corporation System and method for common information model object manager proxy interface and management
US7093279B2 (en) * 2001-03-28 2006-08-15 Intel Corporation Method and system for automatic invocation of secure sockets layer encryption on a parallel array of Web servers
US7398225B2 (en) 2001-03-29 2008-07-08 American Express Travel Related Services Company, Inc. System and method for networked loyalty program
EP1374531A2 (en) * 2001-04-05 2004-01-02 Siemens Aktiengesellschaft Method for a secure information transfer
US20020154635A1 (en) * 2001-04-23 2002-10-24 Sun Microsystems, Inc. System and method for extending private networks onto public infrastructure using supernets
US7228438B2 (en) * 2001-04-30 2007-06-05 Matsushita Electric Industrial Co., Ltd. Computer network security system employing portable storage device
US20020166069A1 (en) * 2001-05-04 2002-11-07 Zendzian David M. Network-monitoring system
US7730528B2 (en) * 2001-06-01 2010-06-01 Symantec Corporation Intelligent secure data manipulation apparatus and method
US7216173B2 (en) * 2001-06-12 2007-05-08 Varian Medical Systems Technologies, Inc. Virtual private network software system
US8051168B1 (en) * 2001-06-19 2011-11-01 Microstrategy, Incorporated Method and system for security and user account integration by reporting systems with remote repositories
GB2376763B (en) * 2001-06-19 2004-12-15 Hewlett Packard Co Demonstrating integrity of a compartment of a compartmented operating system
US7904454B2 (en) 2001-07-16 2011-03-08 International Business Machines Corporation Database access security
US7360245B1 (en) 2001-07-18 2008-04-15 Novell, Inc. Method and system for filtering spoofed packets in a network
US7827292B2 (en) * 2001-07-23 2010-11-02 At&T Intellectual Property Ii, L.P. Flexible automated connection to virtual private networks
US8239531B1 (en) * 2001-07-23 2012-08-07 At&T Intellectual Property Ii, L.P. Method and apparatus for connection to virtual private networks for secure transactions
US7827278B2 (en) * 2001-07-23 2010-11-02 At&T Intellectual Property Ii, L.P. System for automated connection to virtual private networks related applications
US7274659B2 (en) * 2001-07-27 2007-09-25 Western Digital Ventures, Inc. Providing streaming media data
GB2378009B (en) * 2001-07-27 2005-08-31 Hewlett Packard Co Method of establishing a secure data connection
CA2354993C (en) * 2001-08-10 2010-11-09 Ibm Canada Limited-Ibm Canada Limitee Method of indicating links to external urls
US20030046586A1 (en) * 2001-09-05 2003-03-06 Satyam Bheemarasetti Secure remote access to data between peers
US6493517B1 (en) 2001-09-10 2002-12-10 Hewlett-Packard Company Integration of self-determined consumable usage model in pigmentation material low/out forecast
US20030056120A1 (en) * 2001-09-14 2003-03-20 Hsiang-Min Liu Login method and system for use with carry-on electronic device
US20030061286A1 (en) * 2001-09-27 2003-03-27 Lin Jin Kun Co-browsing system including form and focal-point synchronization capabilities for both secure and non-secure web documents
US20050210243A1 (en) * 2001-09-28 2005-09-22 Archard Paul L System and method for improving client response times using an integrated security and packet optimization framework
WO2003029916A3 (en) * 2001-09-28 2003-06-19 Bluesocket Inc Method and system for managing data traffic in wireless networks
JP3901484B2 (en) * 2001-10-05 2007-04-04 株式会社ジェイテクト Electric power steering system
US7886026B2 (en) * 2001-10-11 2011-02-08 Hewlett-Packard Development Company, L.P. Hardcopy output engine configuration apparatus and method
US20030074268A1 (en) * 2001-10-11 2003-04-17 Haines Robert E. User and device interactions for web consolidation
US20030074442A1 (en) * 2001-10-11 2003-04-17 Haines Robert E. Hardcopy output engine discovery method and apparatus
US20030074428A1 (en) * 2001-10-11 2003-04-17 Haines Robert E. Device configuration method and apparatus
US20030074547A1 (en) * 2001-10-11 2003-04-17 Haines Robert E. Hardcopy output engine consumable supply management and method
EP1435162A2 (en) * 2001-10-12 2004-07-07 Dieter Weiler Method and device for data exchange between a client and an internet server
US7840645B1 (en) * 2001-10-22 2010-11-23 Cisco Technology, Inc. Methods and apparatus for providing content over a computer network
US6735287B2 (en) * 2001-11-16 2004-05-11 Sbc Technology Resources, Inc. Method and system for multimodal presence detection
US7313816B2 (en) * 2001-12-17 2007-12-25 One Touch Systems, Inc. Method and system for authenticating a user in a web-based environment
US7171493B2 (en) * 2001-12-19 2007-01-30 The Charles Stark Draper Laboratory Camouflage of network traffic to resist attack
US7188364B2 (en) * 2001-12-20 2007-03-06 Cranite Systems, Inc. Personal virtual bridged local area networks
US7120791B2 (en) * 2002-01-25 2006-10-10 Cranite Systems, Inc. Bridged cryptographic VLAN
US7986937B2 (en) * 2001-12-20 2011-07-26 Microsoft Corporation Public access point
US7965843B1 (en) * 2001-12-27 2011-06-21 Cisco Technology, Inc. Methods and apparatus for security over fibre channel
US7099319B2 (en) * 2002-01-23 2006-08-29 International Business Machines Corporation Virtual private network and tunnel gateway with multiple overlapping, remote subnets
US7069336B2 (en) * 2002-02-01 2006-06-27 Time Warner Cable Policy based routing system and method for caching and VPN tunneling
JP3610341B2 (en) * 2002-02-19 2005-01-12 キヤノン株式会社 Network devices and remote control relay server
US8412581B1 (en) * 2002-02-21 2013-04-02 Jda Software Group, Inc. Facilitating business transactions between trading networks
KR100438431B1 (en) * 2002-02-23 2004-07-03 삼성전자주식회사 Security system for virtual private network service access in communication network and method thereof
US7707287B2 (en) * 2002-03-22 2010-04-27 F5 Networks, Inc. Virtual host acceleration system
US20040024811A1 (en) * 2002-04-24 2004-02-05 Hiroshi Kitada System, computer program product and method for scanning and managing documents
US7346690B1 (en) 2002-05-07 2008-03-18 Oracle International Corporation Deferred piggybacked messaging mechanism for session reuse
US7774832B2 (en) * 2002-06-10 2010-08-10 Quest Software, Inc. Systems and methods for implementing protocol enforcement rules
US7707401B2 (en) * 2002-06-10 2010-04-27 Quest Software, Inc. Systems and methods for a protocol gateway
US20080196099A1 (en) * 2002-06-10 2008-08-14 Akonix Systems, Inc. Systems and methods for detecting and blocking malicious content in instant messages
US7657616B1 (en) 2002-06-10 2010-02-02 Quest Software, Inc. Automatic discovery of users associated with screen names
US7664822B2 (en) 2002-06-10 2010-02-16 Quest Software, Inc. Systems and methods for authentication of target protocol screen names
US7428590B2 (en) * 2002-06-10 2008-09-23 Akonix Systems, Inc. Systems and methods for reflecting messages associated with a target protocol within a network
US7818565B2 (en) * 2002-06-10 2010-10-19 Quest Software, Inc. Systems and methods for implementing protocol enforcement rules
US20040003287A1 (en) * 2002-06-28 2004-01-01 Zissimopoulos Vasileios Bill Method for authenticating kerberos users from common web browsers
US20060149962A1 (en) * 2003-07-11 2006-07-06 Ingrian Networks, Inc. Network attached encryption
US7359984B1 (en) 2002-07-15 2008-04-15 Packeteer, Inc. Management of network quality of service
US20050254652A1 (en) * 2002-07-16 2005-11-17 Haim Engler Automated network security system and method
US7373347B2 (en) * 2002-07-22 2008-05-13 Ricoh Company, Ltd. Information processing apparatus and information processing method
US8271778B1 (en) * 2002-07-24 2012-09-18 The Nielsen Company (Us), Llc System and method for monitoring secure data on a network
US7565413B1 (en) * 2002-08-05 2009-07-21 Cisco Technology, Inc. Content request redirection from a wed protocol to a file protocol
US20070107067A1 (en) * 2002-08-24 2007-05-10 Ingrian Networks, Inc. Secure feature activation
US7058633B1 (en) * 2002-09-09 2006-06-06 Cisco Technology, Inc. System and method for generalized URL-rewriting
US7584263B1 (en) * 2002-09-25 2009-09-01 At&T Intellectual Property I, L. P. System and method for providing services access through a family home page
US20050038869A1 (en) * 2002-09-25 2005-02-17 Randy Zimler Business portal API
US7480724B2 (en) 2002-09-25 2009-01-20 At&T Intellectual Property I, L.P. API tool-set for providing services through a residential communication gateway
US20050188002A1 (en) * 2003-09-02 2005-08-25 Guanghong Yang Apparatus, method, and computer program product for building virtual networks
US7568218B2 (en) * 2002-10-31 2009-07-28 Microsoft Corporation Selective cross-realm authentication
US7669229B2 (en) * 2002-11-13 2010-02-23 Intel Corporation Network protecting authentication proxy
US7249177B1 (en) * 2002-11-27 2007-07-24 Sprint Communications Company L.P. Biometric authentication of a client network connection
US20040117485A1 (en) * 2002-12-03 2004-06-17 Collatus Corporation, A Delaware Corporation Apparatus, method, and computer program product for tunneling TCP based client-server applications
US7409439B2 (en) * 2002-12-09 2008-08-05 Sun Microsystems Inc. Reducing overhead in reverse proxy servers when processing web pages
US7412539B2 (en) * 2002-12-18 2008-08-12 Sonicwall, Inc. Method and apparatus for resource locator identifier rewrite
DE10260926B4 (en) * 2002-12-20 2005-12-01 Hewlett-Packard Development Co., L.P., Houston communication method
US7454622B2 (en) * 2002-12-31 2008-11-18 American Express Travel Related Services Company, Inc. Method and system for modular authentication and session management
US9818136B1 (en) 2003-02-05 2017-11-14 Steven M. Hoffberg System and method for determining contingent relevance
US20040172311A1 (en) * 2003-02-28 2004-09-02 Kauderer Steven I. Method of and system for evaluating underwriting activities
EP1599804A1 (en) * 2003-03-05 2005-11-30 Intellisync Corporation Virtual private network between computing network and remote device
JP4507623B2 (en) * 2003-03-05 2010-07-21 富士ゼロックス株式会社 Network connection system
US20040181663A1 (en) * 2003-03-13 2004-09-16 Sami Pienimaki Forced encryption for wireless local area networks
US20080261632A1 (en) * 2003-03-19 2008-10-23 Research In Motion Limited System and Method for Pushing Information from a Host System to a Mobile Data Communication Device in a Wireless Data Network
US7644275B2 (en) 2003-04-15 2010-01-05 Microsoft Corporation Pass-thru for client authentication
US20040215790A1 (en) * 2003-04-24 2004-10-28 Miller Robert A. Information network access
US20050055463A1 (en) * 2003-05-16 2005-03-10 Verilegal, Inc. Secure internet functionality
JP4260116B2 (en) * 2003-05-22 2009-04-30 富士通株式会社 Secure virtual private network
US7251700B2 (en) * 2003-05-27 2007-07-31 Oracle International Corporation Time-to-live timeout on a logical connection from a connection cache
US7486618B2 (en) * 2003-05-27 2009-02-03 Oracle International Corporation Weighted attributes on connections and closest connection match from a connection cache
US7269692B2 (en) * 2003-05-27 2007-09-11 Oracle International Corporation Implicit connection caching
US8108939B2 (en) * 2003-05-29 2012-01-31 Oracle International Corporation Method and apparatus to facilitate security-enabled content caching
US20040243841A1 (en) * 2003-06-02 2004-12-02 Stumpf Bradley W. Network configuration using scannable token
US7676675B2 (en) * 2003-06-06 2010-03-09 Microsoft Corporation Architecture for connecting a remote client to a local client desktop
US7299492B2 (en) * 2003-06-12 2007-11-20 International Business Machines Corporation Multi-level multi-user web services security system and method
US20040260946A1 (en) * 2003-06-20 2004-12-23 Cahill Conor P. User not present
US7490237B1 (en) * 2003-06-27 2009-02-10 Microsoft Corporation Systems and methods for caching in authentication systems
US7526730B1 (en) * 2003-07-01 2009-04-28 Aol Llc Identifying URL target hostnames
EP1645971B8 (en) * 2003-07-11 2016-03-30 Nippon Telegraph And Telephone Corporation Database access control method, database access control apparatus, proxy process server apparatus, program for database access control and recording medium recording the program
US8645471B2 (en) 2003-07-21 2014-02-04 Synchronoss Technologies, Inc. Device message management system
US20050025172A1 (en) * 2003-07-30 2005-02-03 Justin Frankel Method and apparatus for secure distributed collaboration and communication
CN100456766C (en) 2003-08-06 2009-01-28 华为技术有限公司 Method for realizing network-visit control
JP4348151B2 (en) * 2003-09-19 2009-10-21 株式会社リコー Information processing apparatus and information processing method
US8719436B2 (en) * 2003-10-06 2014-05-06 International Business Machines Corporation Tunneling non-HTTP traffic through a reverse proxy
US7634509B2 (en) * 2003-11-07 2009-12-15 Fusionone, Inc. Personal information space management system and method
US7584500B2 (en) * 2003-11-19 2009-09-01 Hughes Network Systems, Llc Pre-fetching secure content using proxy architecture
US7590713B2 (en) * 2003-11-24 2009-09-15 Microsoft Corporation Presenting a merged view of remote application shortcuts from multiple providers
US7720906B2 (en) * 2003-11-24 2010-05-18 Microsoft Corporation Web service for remote application discovery
US7890751B1 (en) * 2003-12-03 2011-02-15 Comtech Ef Data Corp Method and system for increasing data access in a secure socket layer network environment
US8590032B2 (en) * 2003-12-10 2013-11-19 Aventail Llc Rule-based routing to resources through a network
WO2005059684B1 (en) * 2003-12-10 2005-11-17 Aventail Corp End point control
US8661158B2 (en) * 2003-12-10 2014-02-25 Aventail Llc Smart tunneling to resources in a network
WO2006044820A3 (en) * 2004-10-14 2006-06-29 Aventail Corp Rule-based routing to resources through a network
DE10358019A1 (en) * 2003-12-11 2005-07-14 Siemens Ag A method for updating an automation system
US20050129066A1 (en) * 2003-12-15 2005-06-16 Steven Tischer Systems, methods, and storage medium for transmitting data over a computer network
US20050132183A1 (en) * 2003-12-16 2005-06-16 Glenn Gearhart Method and system for user created personal private network (PPN) with secure communications and data transfer
US7272782B2 (en) * 2003-12-19 2007-09-18 Backweb Technologies, Inc. System and method for providing offline web application, page, and form access in a networked environment
US8078739B1 (en) * 2003-12-29 2011-12-13 Cisco Technology, Inc. Solution for handling URL-substitution for data access in a private network architecture
US7305706B2 (en) * 2004-01-15 2007-12-04 Cisco Technology, Inc. Establishing a virtual private network for a road warrior
US7962453B2 (en) * 2004-04-26 2011-06-14 Oracle International Corporation Dynamic redistribution of a distributed memory index when individual nodes have different lookup indexes
US7379952B2 (en) * 2004-01-30 2008-05-27 Oracle International Corporation Techniques for multiple window resource remastering among nodes of a cluster
US8126999B2 (en) 2004-02-06 2012-02-28 Microsoft Corporation Network DNA
JP4521865B2 (en) * 2004-02-27 2010-08-11 株式会社日立製作所 Storage system, attribute setting method of a computer system or storage area
US7505762B2 (en) 2004-02-27 2009-03-17 Fusionone, Inc. Wireless telephone data backup system
US8620286B2 (en) 2004-02-27 2013-12-31 Synchronoss Technologies, Inc. Method and system for promoting and transferring licensed content and applications
US7333612B2 (en) * 2004-03-19 2008-02-19 Cisco Technology, Inc. Methods and apparatus for confidentiality protection for Fibre Channel Common Transport
US7519596B2 (en) 2004-03-30 2009-04-14 Microsoft Corporation Globally trusted credentials leveraged for server access control
US7539858B2 (en) * 2004-04-05 2009-05-26 Nippon Telegraph And Telephone Corporation Packet encryption substituting device, method thereof, and program recording medium
US8611873B2 (en) 2004-05-12 2013-12-17 Synchronoss Technologies, Inc. Advanced contact identification system
US9542076B1 (en) 2004-05-12 2017-01-10 Synchronoss Technologies, Inc. System for and method of updating a personal profile
US7519835B2 (en) * 2004-05-20 2009-04-14 Safenet, Inc. Encrypted table indexes and searching encrypted tables
GB0411331D0 (en) * 2004-05-21 2004-06-23 Qinetiq Ltd Hyperlinks
US7543146B1 (en) 2004-06-18 2009-06-02 Blue Coat Systems, Inc. Using digital certificates to request client consent prior to decrypting SSL communications
CN100425041C (en) 2004-06-25 2008-10-08 腾讯科技(深圳)有限公司 Realtime communicating method and system for enterprise
US7080075B1 (en) * 2004-12-27 2006-07-18 Oracle International Corporation Dynamic remastering for a subset of nodes in a cluster environment
US7930365B2 (en) * 2005-02-16 2011-04-19 Cisco Technology, Inc. Method and apparatus to modify network identifiers at data servers
US20060200469A1 (en) * 2005-03-02 2006-09-07 Lakshminarayanan Chidambaran Global session identifiers in a multi-node system
US20060235973A1 (en) 2005-04-14 2006-10-19 Alcatel Network services infrastructure systems and methods
US7493400B2 (en) 2005-05-18 2009-02-17 Oracle International Corporation Creating and dissolving affinity relationships in a cluster
US8037169B2 (en) * 2005-05-18 2011-10-11 Oracle International Corporation Determining affinity in a cluster
EP1889169A4 (en) * 2005-05-19 2011-12-28 Fusionone Inc Mobile device address book builder
JP4961798B2 (en) 2005-05-20 2012-06-27 株式会社日立製作所 Encrypted communication method and system
US20060294366A1 (en) * 2005-06-23 2006-12-28 International Business Machines Corp. Method and system for establishing a secure connection based on an attribute certificate having user credentials
US7970788B2 (en) * 2005-08-02 2011-06-28 International Business Machines Corporation Selective local database access restriction
US7814065B2 (en) 2005-08-16 2010-10-12 Oracle International Corporation Affinity-based recovery/failover in a cluster environment
US8200971B2 (en) * 2005-09-23 2012-06-12 Cisco Technology, Inc. Method for the provision of a network service
GB0519466D0 (en) * 2005-09-23 2005-11-02 Scansafe Ltd Network communications
GB2430591B (en) * 2005-09-23 2010-09-01 Scansafe Ltd Network communications
US7475072B1 (en) 2005-09-26 2009-01-06 Quintura, Inc. Context-based search visualization and context management using neural networks
US20070079386A1 (en) * 2005-09-26 2007-04-05 Brian Metzger Transparent encryption using secure encryption device
US20070079140A1 (en) * 2005-09-26 2007-04-05 Brian Metzger Data migration
CN100534044C (en) 2005-09-26 2009-08-26 深圳市深信服电子科技有限公司 Method for realizing safety accessing of external network for user in gateway, gate bridge
US7620607B1 (en) 2005-09-26 2009-11-17 Quintura Inc. System and method for using a bidirectional neural network to identify sentences for use as document annotations
US8166404B2 (en) * 2005-10-04 2012-04-24 Disney Enterprises, Inc. System and/or method for authentication and/or authorization
US20070079357A1 (en) * 2005-10-04 2007-04-05 Disney Enterprises, Inc. System and/or method for role-based authorization
US8997246B2 (en) * 2005-10-04 2015-03-31 Disney Enterprises, Inc. System and/or method for authentication and/or authorization via a network
US7647625B2 (en) * 2005-10-04 2010-01-12 Disney Enterprises, Inc. System and/or method for class-based authorization
US8874477B2 (en) 2005-10-04 2014-10-28 Steven Mark Hoffberg Multifactorial optimization system and method
US8234279B2 (en) * 2005-10-11 2012-07-31 The Boeing Company Streaming text data mining method and apparatus using multidimensional subspaces
GB0520836D0 (en) * 2005-10-13 2005-11-23 Scansafe Ltd Remote access to resources
US7756981B2 (en) 2005-11-03 2010-07-13 Quest Software, Inc. Systems and methods for remote rogue protocol enforcement
US7933923B2 (en) 2005-11-04 2011-04-26 International Business Machines Corporation Tracking and reconciling database commands
US20070180275A1 (en) * 2006-01-27 2007-08-02 Brian Metzger Transparent encryption using secure JDBC/ODBC wrappers
US8386768B2 (en) * 2006-02-08 2013-02-26 Safenet, Inc. High performance data encryption server and method for transparently encrypting/decrypting data
US7958091B2 (en) 2006-02-16 2011-06-07 Ingrian Networks, Inc. Method for fast bulk loading data into a database while bypassing exit routines
US20070199077A1 (en) * 2006-02-22 2007-08-23 Czuchry Andrew J Secure communication system
US8938554B2 (en) * 2006-03-02 2015-01-20 Oracle America, Inc. Mechanism for enabling a network address to be shared by multiple labeled containers
JPWO2007102536A1 (en) * 2006-03-08 2009-07-23 パナソニック株式会社 Distributed file management system
US8510812B2 (en) 2006-03-15 2013-08-13 Fortinet, Inc. Computerized system and method for deployment of management tunnels
US9704174B1 (en) 2006-05-25 2017-07-11 Sean I. Mcghie Conversion of loyalty program points to commerce partner points per terms of a mutual agreement
US8162209B2 (en) 2006-05-25 2012-04-24 Buchheit Brian K Storefront purchases utilizing non-negotiable credits earned from a game of chance
US7703673B2 (en) 2006-05-25 2010-04-27 Buchheit Brian K Web based conversion of non-negotiable credits associated with an entity to entity independent negotiable funds
US8342399B1 (en) 2006-05-25 2013-01-01 Mcghie Sean I Conversion of credits to funds
US8668146B1 (en) 2006-05-25 2014-03-11 Sean I. Mcghie Rewards program with payment artifact permitting conversion/transfer of non-negotiable credits to entity independent funds
US8376224B2 (en) 2006-05-25 2013-02-19 Sean I. Mcghie Self-service stations for utilizing non-negotiable credits earned from a game of chance
US8684265B1 (en) 2006-05-25 2014-04-01 Sean I. Mcghie Rewards program website permitting conversion/transfer of non-negotiable credits to entity independent funds
US8639842B1 (en) * 2006-06-30 2014-01-28 Cisco Technology, Inc. Scalable gateway for multiple data streams
US9304964B2 (en) * 2006-06-30 2016-04-05 Intel Corporation Separable transport layer in cache coherent multiple component microelectronic systems
US8352999B1 (en) 2006-07-21 2013-01-08 Cadence Design Systems, Inc. Method for managing data in a shared computing environment
US8566452B1 (en) * 2006-08-03 2013-10-22 F5 Networks, Inc. Intelligent HTTP based load-balancing, persistence, and application traffic management of SSL VPN tunnels
US8943304B2 (en) * 2006-08-03 2015-01-27 Citrix Systems, Inc. Systems and methods for using an HTTP-aware client agent
JP4950589B2 (en) * 2006-08-07 2012-06-13 株式会社東芝 Connection management system, connection management method and management server,
US8191131B2 (en) * 2006-08-23 2012-05-29 International Business Machines Corporation Obscuring authentication data of remote user
DK1912413T3 (en) * 2006-10-13 2010-05-25 Quipa Holdings Ltd Process to establish a secure virtual private network that utilizes peer-to-peer communication
US8379865B2 (en) * 2006-10-27 2013-02-19 Safenet, Inc. Multikey support for multiple office system
JP2008112398A (en) * 2006-10-31 2008-05-15 Hitachi Ltd Storage system and communication band control method
US8141100B2 (en) 2006-12-20 2012-03-20 International Business Machines Corporation Identifying attribute propagation for multi-tier processing
US7437370B1 (en) * 2007-02-19 2008-10-14 Quintura, Inc. Search engine graphical interface using maps and images
US8495367B2 (en) 2007-02-22 2013-07-23 International Business Machines Corporation Nondestructive interception of secure data in transit
JP2009003783A (en) * 2007-06-22 2009-01-08 Toshiba Corp Control device and control method for nonvolatile memory and storage device
US8769639B2 (en) * 2007-09-04 2014-07-01 Microsoft Corporation History-based downgraded network identification
CN100571188C (en) 2007-09-12 2009-12-16 杭州华三通信技术有限公司 Method for improving treatment efficiency of SSL gateway and SSL gateway
US20090132804A1 (en) * 2007-11-21 2009-05-21 Prabir Paul Secured live software migration
US8181111B1 (en) 2007-12-31 2012-05-15 Synchronoss Technologies, Inc. System and method for providing social context to digital activity
US7945556B1 (en) * 2008-01-22 2011-05-17 Sprint Communications Company L.P. Web log filtering
CN101984778B (en) 2008-01-26 2014-08-13 思杰系统有限公司 Systems and methods for fine grain policy driven COOKIE proxying
US8180754B1 (en) * 2008-04-01 2012-05-15 Dranias Development Llc Semantic neural network for aggregating query searches
US8261326B2 (en) 2008-04-25 2012-09-04 International Business Machines Corporation Network intrusion blocking security overlay
KR101005853B1 (en) * 2008-08-07 2011-01-05 한국전자통신연구원 Method and apparatus for providing home contents
US9003474B1 (en) 2008-08-22 2015-04-07 Taser International, Inc. Systems and methods for managing disclosure of protectable information
US20100107240A1 (en) * 2008-10-24 2010-04-29 Microsoft Corporation Network location determination for direct access networks
US8719901B2 (en) * 2008-10-24 2014-05-06 Synopsys, Inc. Secure consultation system
US8613072B2 (en) * 2009-02-26 2013-12-17 Microsoft Corporation Redirection of secure data connection requests
US8195818B2 (en) * 2009-06-22 2012-06-05 Oracle International Corporation Enforcing communication security for selected resources
US8131822B2 (en) * 2009-07-01 2012-03-06 Suresh Srinivasan Access of elements for a secure web page through a non-secure channel
US8782773B2 (en) * 2009-09-30 2014-07-15 Avaya Inc. Framework for communicating across a firewall
GB2474504B (en) 2009-10-19 2015-12-02 Ubiquisys Ltd Wireless access point
US8255006B1 (en) 2009-11-10 2012-08-28 Fusionone, Inc. Event dependent notification system and method
FR2955727B1 (en) * 2010-01-26 2012-04-06 Sagem Defense Securite Method for secure access to a network and network and protects
US8601569B2 (en) * 2010-04-09 2013-12-03 International Business Machines Corporation Secure access to a private network through a public wireless network
JP5543666B2 (en) * 2010-04-30 2014-07-09 インターデイジタル パテント ホールディングス インコーポレイテッド Lightweight protocol and agents in the network communication
US8910259B2 (en) 2010-08-14 2014-12-09 The Nielsen Company (Us), Llc Systems, methods, and apparatus to monitor mobile internet activity
US8886773B2 (en) 2010-08-14 2014-11-11 The Nielsen Company (Us), Llc Systems, methods, and apparatus to monitor mobile internet activity
US20120066750A1 (en) * 2010-09-13 2012-03-15 Mcdorman Douglas User authentication and provisioning method and system
US8943428B2 (en) 2010-11-01 2015-01-27 Synchronoss Technologies, Inc. System for and method of field mapping
US8943570B1 (en) * 2010-12-02 2015-01-27 Cellco Partnership Techniques for providing enhanced network security
CA2775427A1 (en) * 2011-04-27 2012-10-27 Perspecsys Inc. System and method of data interception and conversion in a proxy
US9124920B2 (en) 2011-06-29 2015-09-01 The Nielson Company (Us), Llc Methods, apparatus, and articles of manufacture to identify media presentation devices
US8594617B2 (en) 2011-06-30 2013-11-26 The Nielsen Company (Us), Llc Systems, methods, and apparatus to monitor mobile internet activity
US9094090B2 (en) 2011-09-23 2015-07-28 Gilat Satellite Networks Ltd. Decentralized caching system
US9197600B2 (en) * 2011-09-29 2015-11-24 Israel L'Heureux Smart router
US20160006695A1 (en) * 2012-02-09 2016-01-07 Brian Prodoehl Secure Remote Computer Network
US9219709B2 (en) * 2012-03-27 2015-12-22 Saife, Inc. Multi-wrapped virtual private network
US20130339532A1 (en) * 2012-06-18 2013-12-19 Richard Nelson System and method for cookie-based browser identification and tracking
US8635668B1 (en) 2012-07-11 2014-01-21 International Business Machines Corporation Link analysis tool for security information handling system
US8806575B2 (en) 2012-07-11 2014-08-12 International Business Machines Corporation Network selection tool for information handling system
US9355036B2 (en) 2012-09-18 2016-05-31 Netapp, Inc. System and method for operating a system to cache a networked file system utilizing tiered storage and customizable eviction policies based on priority and tiers
US20140082128A1 (en) * 2012-09-18 2014-03-20 Netapp, Inc. Dynamic detection and selection of file servers in a caching application or system
US9445266B2 (en) * 2012-09-25 2016-09-13 Blackberry Limited Smart plug or cradle
US8543696B1 (en) * 2012-10-02 2013-09-24 Appsense Limited Network access
US9313087B2 (en) 2013-01-29 2016-04-12 Stg Interactive, S.A. Distributed computing architecture
US20140258511A1 (en) * 2013-03-11 2014-09-11 Bluebox Security Inc. Methods and Apparatus for Reestablishing Secure Network Communications
US9301173B2 (en) 2013-03-15 2016-03-29 The Nielsen Company (Us), Llc Methods and apparatus to credit internet usage
US9130929B2 (en) * 2013-03-15 2015-09-08 Aol Inc. Systems and methods for using imaging to authenticate online users
US20140304833A1 (en) * 2013-04-04 2014-10-09 Xerox Corporation Method and system for providing access to crowdsourcing tasks
US9304997B2 (en) 2013-08-27 2016-04-05 Netapp, Inc. Asynchronously migrating a file system
US9311314B2 (en) 2013-08-27 2016-04-12 Netapp, Inc. System and method for migrating data from a source file system to a destination file system with use of attribute manipulation
US9311331B2 (en) 2013-08-27 2016-04-12 Netapp, Inc. Detecting out-of-band (OOB) changes when replicating a source file system using an in-line system
US9300692B2 (en) 2013-08-27 2016-03-29 Netapp, Inc. System and method for implementing data migration while preserving security policies of a source filer
WO2015070341A1 (en) * 2013-11-14 2015-05-21 Pleasant Solutions Inc. System and method for credentialed access to a remote server
CA2937137A1 (en) * 2014-01-31 2015-08-06 Ricoh Company, Ltd. Management system, program and management method
US9762625B2 (en) * 2014-05-28 2017-09-12 Apple Inc. Device and method for virtual private network connection establishment
US20160127489A1 (en) * 2014-10-31 2016-05-05 Solidfire, Inc. Multi-tenant networking
US9762688B2 (en) 2014-10-31 2017-09-12 The Nielsen Company (Us), Llc Methods and apparatus to improve usage crediting in mobile devices
US20160212107A1 (en) * 2015-01-21 2016-07-21 Oracle International Corporation Tape drive encryption in the data path

Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5553239A (en) 1994-11-10 1996-09-03 At&T Corporation Management facility for server entry and application utilization in a multi-node server configuration
US5673322A (en) 1996-03-22 1997-09-30 Bell Communications Research, Inc. System and method for providing protocol translation and filtering to access the world wide web from wireless or low-bandwidth networks
US5757924A (en) 1995-09-18 1998-05-26 Digital Secured Networks Techolognies, Inc. Network security device which performs MAC address translation without affecting the IP address
US5768271A (en) 1996-04-12 1998-06-16 Alcatel Data Networks Inc. Virtual private network
US5805803A (en) 1997-05-13 1998-09-08 Digital Equipment Corporation Secure web tunnel
US5825890A (en) 1995-08-25 1998-10-20 Netscape Communications Corporation Secure socket layer application program apparatus and method
US5913025A (en) 1996-11-14 1999-06-15 Novell, Inc. Method and apparatus for proxy authentication
US5963915A (en) 1996-02-21 1999-10-05 Infoseek Corporation Secure, convenient and efficient system and method of performing trans-internet purchase transactions
US5991810A (en) 1997-08-01 1999-11-23 Novell, Inc. User name authentication for gateway clients accessing a proxy cache server
US6029245A (en) 1997-03-25 2000-02-22 International Business Machines Corporation Dynamic assignment of security parameters to web pages
US6065120A (en) * 1997-12-09 2000-05-16 Phone.Com, Inc. Method and system for self-provisioning a rendezvous to ensure secure access to information in a database from multiple devices
US6148405A (en) * 1997-11-10 2000-11-14 Phone.Com, Inc. Method and system for secure lightweight transactions in wireless data networks
US6233577B1 (en) * 1998-02-17 2001-05-15 Phone.Com, Inc. Centralized certificate management system for two-way interactive communication devices in data networks
US6263437B1 (en) * 1998-02-19 2001-07-17 Openware Systems Inc Method and apparatus for conducting crypto-ignition processes between thin client devices and server devices over data networks
US6745229B1 (en) * 1997-09-26 2004-06-01 Worldcom, Inc. Web based integrated customer interface for invoice reporting

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5522041A (en) * 1992-12-17 1996-05-28 Hitachi, Ltd. Data processor and data transfer method
US5550984A (en) * 1994-12-07 1996-08-27 Matsushita Electric Corporation Of America Security system for preventing unauthorized communications between networks by translating communications received in ip protocol to non-ip protocol to remove address and routing services information
US5706434A (en) * 1995-07-06 1998-01-06 Electric Classifieds, Inc. Integrated request-response system and method generating responses to request objects formatted according to various communication protocols
US5752022A (en) * 1995-08-07 1998-05-12 International Business Machines Corp. Method for creating a hypertext language for a distributed computer network
US5745360A (en) * 1995-08-14 1998-04-28 International Business Machines Corp. Dynamic hypertext link converter system and process
US5761683A (en) * 1996-02-13 1998-06-02 Microtouch Systems, Inc. Techniques for changing the behavior of a link in a hypertext document
US5727145A (en) * 1996-06-26 1998-03-10 Sun Microsystems, Inc. Mechanism for locating objects in a secure fashion
JP3663501B2 (en) * 1996-07-19 2005-06-22 泱 渡邉 Ultrasonic probe and ultrasonic inspection device
US5890171A (en) * 1996-08-06 1999-03-30 Microsoft Corporation Computer system and computer-implemented method for interpreting hypertext links in a document when including the document within another document
JP3966598B2 (en) * 1998-03-04 2007-08-29 富士通株式会社 Server selection system
US6081900A (en) * 1999-03-16 2000-06-27 Novell, Inc. Secure intranet access

Patent Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5553239A (en) 1994-11-10 1996-09-03 At&T Corporation Management facility for server entry and application utilization in a multi-node server configuration
US5825890A (en) 1995-08-25 1998-10-20 Netscape Communications Corporation Secure socket layer application program apparatus and method
US5757924A (en) 1995-09-18 1998-05-26 Digital Secured Networks Techolognies, Inc. Network security device which performs MAC address translation without affecting the IP address
US5963915A (en) 1996-02-21 1999-10-05 Infoseek Corporation Secure, convenient and efficient system and method of performing trans-internet purchase transactions
US5673322A (en) 1996-03-22 1997-09-30 Bell Communications Research, Inc. System and method for providing protocol translation and filtering to access the world wide web from wireless or low-bandwidth networks
US5768271A (en) 1996-04-12 1998-06-16 Alcatel Data Networks Inc. Virtual private network
US5913025A (en) 1996-11-14 1999-06-15 Novell, Inc. Method and apparatus for proxy authentication
US6029245A (en) 1997-03-25 2000-02-22 International Business Machines Corporation Dynamic assignment of security parameters to web pages
US5805803A (en) 1997-05-13 1998-09-08 Digital Equipment Corporation Secure web tunnel
US5991810A (en) 1997-08-01 1999-11-23 Novell, Inc. User name authentication for gateway clients accessing a proxy cache server
US6745229B1 (en) * 1997-09-26 2004-06-01 Worldcom, Inc. Web based integrated customer interface for invoice reporting
US6148405A (en) * 1997-11-10 2000-11-14 Phone.Com, Inc. Method and system for secure lightweight transactions in wireless data networks
US6065120A (en) * 1997-12-09 2000-05-16 Phone.Com, Inc. Method and system for self-provisioning a rendezvous to ensure secure access to information in a database from multiple devices
US6233608B1 (en) * 1997-12-09 2001-05-15 Openwave Systems Inc. Method and system for securely interacting with managed data from multiple devices
US6233577B1 (en) * 1998-02-17 2001-05-15 Phone.Com, Inc. Centralized certificate management system for two-way interactive communication devices in data networks
US6263437B1 (en) * 1998-02-19 2001-07-17 Openware Systems Inc Method and apparatus for conducting crypto-ignition processes between thin client devices and server devices over data networks

Non-Patent Citations (21)

* Cited by examiner, † Cited by third party
Title
"A New Management and Security Architechture for Extranets", http://www.aventail.com/index.phtml/solutions/white_papers/aec_wp.phtml, (1196-1999), 1-14.
"CMS Proxy Server-White Paper", http://csm.alcyonis.fr/proxies.htm, (1995-1998), 1-13.
"CSM Proxy Server, the Ultimate Gateway to the Internet!", http://www.csm-usa.com/white/gateway.htm, no later than Aug. 4, 1998, 1-5.
"How the Proxy works", http://gopher.texshare.utexas.edu/Current/AccessMeet/accessproxy/how.html, (Jul. 22, 1998), 1-2.
"Info needed to write https proxy", http://www.netsys.com/firewalls-9604/0406.html, (Apr. 11, 1996), 1.
"Microsoft Proxy Server Proxy vs. Border Manager", http://microsoft.com/proxy/comparisons/bulletin.asp?A=4&B=4, (1998), 1-8.
"Microsoft Proxy Server", http://www/microsoft.com/proxy/guide/whatsnew.asp?a=2&B=1, no later than Aug. 4, 1998, 1-4.
"NetSafteV3.0 The Firewall Solution from Siemens Nixdorf", http://www.swn.sni.be/NetSafe.htm, (May 31, 1997), 1-3.
"Netscpe Proxy Server Administrator's Guide Version 3.5 for Unix", http://developer.netscape.com/docs/manuals/proxy/adminux//contents.htm, (1997).
"OWF Basics", http://www.omnigroup.com/MailArchive/OmniWeb-dev/Current/0002.html, (1997), 1-2.
"r3 CypherClient", http://www.r3.ch/products/cypher/cypherclient.html, (1998), 1-4.
"Submission: HTTPS v1.0 PAckage for OmniWeb 3x (Rhapsody)", http://www.plsys.co.uk.MailingLists/uk-next-announce.msg00251.html, (Jan. 24, 1998).
"Virtual Private Networking: An Overview", Microsoft http://www.microsoft.com/workshop/sever/feature/vpnovw.asp, no later than Feb. 25, 1998.
"Webroute 1.3.0", http://www-miaif.lip6.fr/willy/pub/webroute/v1.3/untared/CHANGES, (1997), 1-2.
"WedSTAR Security Toolkit: Troubleshooting", http://www.starnine.com/support/ga/webstarssl/ssltroubleshoot.html, 1-2.
Elgamal, Taher, et al., "Securing Communications on the Intranet and Over the Internet", http://www.netscape.com/newsref/ref/128bit.html, (Jul. 1996),1-2.
Feibel, Werner, "Novell's Complete Encyclopedia of Networking", (1995),625-630.
Ferguson, Paul , et al., "Waht is a VPN?", Ferguson & Hutson, Revision 1, (Apr., 1998), 1-22.
Schneider, Bruce , "Applied Cryptography Protocols, Algorithms, and Source Code in C", (1994),436-437.
Tannebaum, Andrew S., "Computer Networks", 3d Ed., (1996),28-29, 396-417, 601-621, and 681-695.
Zhong, Qun , et al., "Security Control for COTS Components", IEEE Computer, (Jun., 1998),67-73.

Cited By (110)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8060926B1 (en) 1999-03-16 2011-11-15 Novell, Inc. Techniques for securely managing and accelerating data delivery
US7904951B1 (en) 1999-03-16 2011-03-08 Novell, Inc. Techniques for securely accelerating external domains locally
US7966496B2 (en) 1999-07-02 2011-06-21 Jpmorgan Chase Bank, N.A. System and method for single sign on process for websites with multiple applications and services
US8590008B1 (en) 1999-07-02 2013-11-19 Jpmorgan Chase Bank, N.A. System and method for single sign on process for websites with multiple applications and services
US7685013B2 (en) 1999-11-04 2010-03-23 Jpmorgan Chase Bank System and method for automatic financial project management
US8571975B1 (en) 1999-11-24 2013-10-29 Jpmorgan Chase Bank, N.A. System and method for sending money via E-mail over the internet
US8438086B2 (en) 2000-06-12 2013-05-07 Jpmorgan Chase Bank, N.A. System and method for providing customers with seamless entry to a remote server
US7426530B1 (en) * 2000-06-12 2008-09-16 Jpmorgan Chase Bank, N.A. System and method for providing customers with seamless entry to a remote server
US20030101116A1 (en) * 2000-06-12 2003-05-29 Rosko Robert J. System and method for providing customers with seamless entry to a remote server
US8458070B2 (en) 2000-06-12 2013-06-04 Jpmorgan Chase Bank, N.A. System and method for providing customers with seamless entry to a remote server
US8849716B1 (en) 2001-04-20 2014-09-30 Jpmorgan Chase Bank, N.A. System and method for preventing identity theft or misuse by restricting access
US8160960B1 (en) 2001-06-07 2012-04-17 Jpmorgan Chase Bank, N.A. System and method for rapid updating of credit information
US8185940B2 (en) 2001-07-12 2012-05-22 Jpmorgan Chase Bank, N.A. System and method for providing discriminated content to network users
US8335855B2 (en) 2001-09-19 2012-12-18 Jpmorgan Chase Bank, N.A. System and method for portal infrastructure tracking
US9646304B2 (en) 2001-09-21 2017-05-09 Jpmorgan Chase Bank, N.A. System for providing cardless payment
US7689504B2 (en) 2001-11-01 2010-03-30 Jpmorgan Chase Bank, N.A. System and method for establishing or modifying an account with user selectable terms
US7987501B2 (en) 2001-12-04 2011-07-26 Jpmorgan Chase Bank, N.A. System and method for single session sign-on
US20030108063A1 (en) * 2001-12-07 2003-06-12 Joseph Moses S. System and method for aggregating multiple information channels across a network
US9129120B2 (en) 2001-12-12 2015-09-08 Intellectual Ventures I Llc Methods and systems for providing access control to secured data
US7681034B1 (en) 2001-12-12 2010-03-16 Chang-Ping Lee Method and apparatus for securing electronic data
US8065713B1 (en) 2001-12-12 2011-11-22 Klimenty Vainstein System and method for providing multi-location access management to secured items
US8266674B2 (en) 2001-12-12 2012-09-11 Guardian Data Storage, Llc Method and system for implementing changes to security policies in a distributed security system
US9542560B2 (en) 2001-12-12 2017-01-10 Intellectual Ventures I Llc Methods and systems for providing access control to secured data
US8543827B2 (en) 2001-12-12 2013-09-24 Intellectual Ventures I Llc Methods and systems for providing access control to secured data
US7729995B1 (en) 2001-12-12 2010-06-01 Rossmann Alain Managing secured files in designated locations
US8341406B2 (en) 2001-12-12 2012-12-25 Guardian Data Storage, Llc System and method for providing different levels of key security for controlling access to secured items
US7913311B2 (en) 2001-12-12 2011-03-22 Rossmann Alain Methods and systems for providing access control to electronic data
US7930756B1 (en) 2001-12-12 2011-04-19 Crocker Steven Toye Multi-level cryptographic transformations for securing digital assets
USRE41546E1 (en) 2001-12-12 2010-08-17 Klimenty Vainstein Method and system for managing security tiers
US7783765B2 (en) 2001-12-12 2010-08-24 Hildebrand Hal S System and method for providing distributed access control to secured documents
US7921450B1 (en) 2001-12-12 2011-04-05 Klimenty Vainstein Security system using indirect key generation from access rules and methods therefor
US7921288B1 (en) 2001-12-12 2011-04-05 Hildebrand Hal S System and method for providing different levels of key security for controlling access to secured items
US8918839B2 (en) 2001-12-12 2014-12-23 Intellectual Ventures I Llc System and method for providing multi-location access management to secured items
USRE43906E1 (en) 2001-12-12 2013-01-01 Guardian Data Storage Llc Method and apparatus for securing digital assets
US7921284B1 (en) 2001-12-12 2011-04-05 Gary Mark Kinghorn Method and system for protecting electronic data in enterprise environment
US8006280B1 (en) 2001-12-12 2011-08-23 Hildebrand Hal S Security system for generating keys from access rules in a decentralized manner and methods therefor
US7950066B1 (en) 2001-12-21 2011-05-24 Guardian Data Storage, Llc Method and system for restricting use of a clipboard application
US8943316B2 (en) 2002-02-12 2015-01-27 Intellectual Ventures I Llc Document security system that permits external users to gain access to secured files
US7461262B1 (en) * 2002-03-19 2008-12-02 Cisco Technology, Inc. Methods and apparatus for providing security in a caching device
US9286484B2 (en) 2002-04-22 2016-03-15 Intellectual Ventures I Llc Method and system for providing document retention using cryptography
US8307067B2 (en) 2002-09-11 2012-11-06 Guardian Data Storage, Llc Protecting encrypted files transmitted over a network
US8176334B2 (en) 2002-09-30 2012-05-08 Guardian Data Storage, Llc Document security system that permits external users to gain access to secured files
US7756816B2 (en) 2002-10-02 2010-07-13 Jpmorgan Chase Bank, N.A. System and method for network-based project management
US7836310B1 (en) 2002-11-01 2010-11-16 Yevgeniy Gutnik Security system that uses indirect password-based encryption
US8301493B2 (en) 2002-11-05 2012-10-30 Jpmorgan Chase Bank, N.A. System and method for providing incentives to consumers to share information
US7890990B1 (en) 2002-12-20 2011-02-15 Klimenty Vainstein Security system with staging capabilities
US8707034B1 (en) 2003-05-30 2014-04-22 Intellectual Ventures I Llc Method and system for using remote headers to secure electronic files
US7730543B1 (en) 2003-06-30 2010-06-01 Satyajit Nath Method and system for enabling users of a group shared across multiple file security systems to access secured files
US20050060384A1 (en) * 2003-09-11 2005-03-17 International Business Machines Corporation Providing hyperlinks in web documents linkable to other alternative web documents in a world wide web network
US8739302B2 (en) 2003-09-30 2014-05-27 Intellectual Ventures I Llc Method and apparatus for transitioning between states of security policies used to secure electronic documents
US8327138B2 (en) 2003-09-30 2012-12-04 Guardian Data Storage Llc Method and system for securing digital assets using process-driven security policies
US7703140B2 (en) 2003-09-30 2010-04-20 Guardian Data Storage, Llc Method and system for securing digital assets using process-driven security policies
US8127366B2 (en) 2003-09-30 2012-02-28 Guardian Data Storage, Llc Method and apparatus for transitioning between states of security policies used to secure electronic documents
US20050177746A1 (en) * 2003-12-22 2005-08-11 International Business Machines Corporation Method for providing network perimeter security assessment
US8561154B2 (en) * 2003-12-22 2013-10-15 International Business Machines Corporation Method for providing network perimeter security assessment
US9071646B2 (en) 2003-12-22 2015-06-30 International Business Machines Corporation Method, apparatus and program storage device for providing network perimeter security assessment
US9749350B2 (en) 2003-12-22 2017-08-29 International Business Machines Corporation Assessment of network perimeter security
US9503479B2 (en) 2003-12-22 2016-11-22 International Business Machines Corporation Assessment of network perimeter security
US8065720B1 (en) 2004-01-06 2011-11-22 Novell, Inc. Techniques for managing secure communications
US8613102B2 (en) 2004-03-30 2013-12-17 Intellectual Ventures I Llc Method and system for providing document retention using cryptography
US7437754B2 (en) * 2004-04-30 2008-10-14 Oracle International Corporation Web object access authorization protocol based on an HTTP validation model
US20050246383A1 (en) * 2004-04-30 2005-11-03 Desai Ajay M Web object access authorization protocol based on an HTTP validation model
US7707427B1 (en) 2004-07-19 2010-04-27 Michael Frederick Kenrich Multi-level file digests
US8301896B2 (en) 2004-07-19 2012-10-30 Guardian Data Storage, Llc Multi-level file digests
US9661021B2 (en) 2005-09-19 2017-05-23 Jpmorgan Chase Bank, N.A. System and method for anti-phishing authentication
US8583926B1 (en) 2005-09-19 2013-11-12 Jpmorgan Chase Bank, N.A. System and method for anti-phishing authentication
US9374366B1 (en) 2005-09-19 2016-06-21 Jpmorgan Chase Bank, N.A. System and method for anti-phishing authentication
US20070234408A1 (en) * 2006-03-31 2007-10-04 Novell, Inc. Methods and systems for multifactor authentication
US7739744B2 (en) 2006-03-31 2010-06-15 Novell, Inc. Methods and systems for multifactor authentication
US9679293B1 (en) 2006-07-14 2017-06-13 Jpmorgan Chase Bank, N.A. Systems and methods for multifactor authentication
US9240012B1 (en) 2006-07-14 2016-01-19 Jpmorgan Chase Bank, N.A. Systems and methods for multifactor authentication
US8793490B1 (en) 2006-07-14 2014-07-29 Jpmorgan Chase Bank, N.A. Systems and methods for multifactor authentication
US20110271114A1 (en) * 2006-10-19 2011-11-03 Mark Wayne Baysinger System and method for authenticating remote server access
US8265600B2 (en) * 2006-10-19 2012-09-11 Qualcomm Incorporated System and method for authenticating remote server access
US20080209524A1 (en) * 2007-02-23 2008-08-28 Microsoft Corporation Caching public objects with private connections
US8091124B2 (en) 2007-02-23 2012-01-03 Microsoft Corporation Caching public objects with private connections
US8996572B2 (en) 2007-04-10 2015-03-31 Apertio Limited Variant entries in network data repositories
US8402147B2 (en) 2007-04-10 2013-03-19 Apertio Limited Nomadic subscriber data system
US20080256020A1 (en) * 2007-04-10 2008-10-16 Apertio Limited Variant entries in network data repositories
US20080256250A1 (en) * 2007-04-10 2008-10-16 Apertio Limited Sub-tree access control in network architectures
US20080253403A1 (en) * 2007-04-10 2008-10-16 Apertio Limited Nomadic subscriber data system
US7664866B2 (en) * 2007-04-10 2010-02-16 Apertio Limited Sub-tree access control in network architectures
US8782085B2 (en) 2007-04-10 2014-07-15 Apertio Limited Variant entries in network data repositories
US9112873B2 (en) 2007-04-10 2015-08-18 Apertio Limited Alias hiding in network data repositories
US20080256083A1 (en) * 2007-04-10 2008-10-16 Apertio Limited Alias hiding in network data repositories
US20080270612A1 (en) * 2007-04-30 2008-10-30 Microsoft Corporation Enabling secure remote assistance using a terminal services gateway
US9438662B2 (en) 2007-04-30 2016-09-06 Microsoft Technology Licensing, Llc Enabling secure remote assistance using a terminal services gateway
US8726011B1 (en) 2007-05-17 2014-05-13 Jpmorgan Chase Bank, N.A. Systems and methods for managing digital certificates
US8473735B1 (en) 2007-05-17 2013-06-25 Jpmorgan Chase Systems and methods for managing digital certificates
US8516566B2 (en) 2007-10-25 2013-08-20 Apple Inc. Systems and methods for using external authentication service for Kerberos pre-authentication
US20090110200A1 (en) * 2007-10-25 2009-04-30 Rahul Srinivas Systems and methods for using external authentication service for kerberos pre-authentication
US8549315B2 (en) 2008-01-24 2013-10-01 Jpmorgan Chase Bank, N.A. System and method for generating and managing administrator passwords
US8321682B1 (en) 2008-01-24 2012-11-27 Jpmorgan Chase Bank, N.A. System and method for generating and managing administrator passwords
US20110047627A1 (en) * 2008-03-10 2011-02-24 Invicta Networks, Inc. Method and system for secure data exfiltration from a closed network or system
WO2009114436A3 (en) * 2008-03-10 2009-12-10 Invicta Networks, Inc. Method and system for secure data exfiltration from a closed network or system
WO2009114436A2 (en) * 2008-03-10 2009-09-17 Invicta Networks, Inc. Method and system for secure data exfiltration from a closed network or system
US8613045B1 (en) * 2008-05-01 2013-12-17 F5 Networks, Inc. Generating secure roaming user profiles over a network
US8955050B1 (en) 2008-05-01 2015-02-10 F5 Networks, Inc. Generating secure roaming user profiles over a network
US9306951B1 (en) 2008-05-01 2016-04-05 F5 Networks, Inc. Generating secure roaming user profiles over a network
US20120023158A1 (en) * 2009-04-14 2012-01-26 Ashwin Kashyap Method for secure transfer of multiple small messages
US9608826B2 (en) 2009-06-29 2017-03-28 Jpmorgan Chase Bank, N.A. System and method for partner key management
US8949591B2 (en) 2010-04-21 2015-02-03 Citrix Systems, Inc. Systems and methods for split proxying of SSL via WAN appliances
US8543805B2 (en) * 2010-04-21 2013-09-24 Citrix Systems, Inc. Systems and methods for split proxying of SSL via WAN appliances
US20110264905A1 (en) * 2010-04-21 2011-10-27 Michael Ovsiannikov Systems and methods for split proxying of ssl via wan appliances
US20120210414A1 (en) * 2011-02-15 2012-08-16 Canon Kabushiki Kaisha Information processing system, method for controlling information processing system, and storage medium
US8938789B2 (en) * 2011-02-15 2015-01-20 Canon Kabushiki Kaisha Information processing system, method for controlling information processing system, and storage medium
US9419957B1 (en) 2013-03-15 2016-08-16 Jpmorgan Chase Bank, N.A. Confidence-based authentication
US9654473B2 (en) 2013-06-28 2017-05-16 Bmc Software, Inc. Authentication proxy agent
US20160197886A1 (en) * 2015-01-07 2016-07-07 Anchorfree Inc. Secure personal server system and method
US9942204B2 (en) * 2015-01-07 2018-04-10 Anchorfree Inc. Secure personal server system and method

Also Published As

Publication number Publication date Type
US6640302B1 (en) 2003-10-28 grant
US6081900A (en) 2000-06-27 grant
US20040049702A1 (en) 2004-03-11 application

Similar Documents

Publication Publication Date Title
Hodges et al. Http strict transport security (hsts)
Sun et al. Handle system overview
US5764890A (en) Method and system for adding a secure network server to an existing computer network
US5826014A (en) Firewall system for protecting network elements connected to a public network
US6104716A (en) Method and apparatus for lightweight secure communication tunneling over the internet
US7185047B1 (en) Caching and accessing rights in a distributed computing system
US5604490A (en) Method and system for providing a user access to multiple secured subsystems
US6532493B1 (en) Methods and apparatus for redirecting network cache traffic
US6766454B1 (en) System and method for using an authentication applet to identify and authenticate a user in a computer network
US6732105B1 (en) Secure authentication proxy architecture for a web-based wireless intranet application
Arregoces et al. Data center fundamentals
US7743404B1 (en) Method and system for single signon for multiple remote sites of a computer network
US6510464B1 (en) Secure gateway having routing feature
US7970923B2 (en) Systems and methods for accelerating delivery of a computing environment to a remote user
US6446109B2 (en) Application computing environment
US8132242B1 (en) Automated authentication of software applications using a limited-use token
US6529513B1 (en) Method of using static maps in a virtual private network
US6751677B1 (en) Method and apparatus for allowing a secure and transparent communication between a user device and servers of a data access network system via a firewall and a gateway
US6754831B2 (en) Authenticated firewall tunneling framework
Blaze et al. Trust management for IPsec
US7463637B2 (en) Public and private network service management systems and methods
US9130756B2 (en) Managing secure content in a content delivery network
US5550984A (en) Security system for preventing unauthorized communications between networks by translating communications received in ip protocol to non-ip protocol to remove address and routing services information
US6088796A (en) Secure middleware and server control system for querying through a network firewall
US7240100B1 (en) Content delivery network (CDN) content server request handling mechanism with metadata framework support

Legal Events

Date Code Title Description
FPAY Fee payment

Year of fee payment: 4

AS Assignment

Owner name: CPTN HOLDINGS LLC, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:NOVELL,INC.;REEL/FRAME:027465/0227

Effective date: 20110427

Owner name: NOVELL INTELLECTUAL PROPERTY HOLDINGS, INC., WASHI

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CPTN HOLDINGS LLC;REEL/FRAME:027465/0206

Effective date: 20110909

AS Assignment

Owner name: NOVELL INTELLECTUAL PROPERTY HOLDING, INC., WASHIN

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CPTN HOLDINGS LLC;REEL/FRAME:027325/0131

Effective date: 20110909

FPAY Fee payment

Year of fee payment: 8

AS Assignment

Owner name: RPX CORPORATION, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:NOVELL INTELLECTUAL PROPERTY HOLDINGS, INC.;REEL/FRAME:037809/0057

Effective date: 20160208

AS Assignment

Owner name: JPMORGAN CHASE BANK, N.A., AS COLLATERAL AGENT, IL

Free format text: SECURITY AGREEMENT;ASSIGNORS:RPX CORPORATION;RPX CLEARINGHOUSE LLC;REEL/FRAME:038041/0001

Effective date: 20160226

FPAY Fee payment

Year of fee payment: 12

AS Assignment

Owner name: RPX CLEARINGHOUSE LLC, CALIFORNIA

Free format text: RELEASE (REEL 038041 / FRAME 0001);ASSIGNOR:JPMORGAN CHASE BANK, N.A.;REEL/FRAME:044970/0030

Effective date: 20171222

Owner name: RPX CORPORATION, CALIFORNIA

Free format text: RELEASE (REEL 038041 / FRAME 0001);ASSIGNOR:JPMORGAN CHASE BANK, N.A.;REEL/FRAME:044970/0030

Effective date: 20171222